Vulnerabilities > Moxa
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-25 | CVE-2019-5148 | Integer Underflow (Wrap or Wraparound) vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. | 7.5 |
| 2020-02-25 | CVE-2019-5143 | Use of Externally-Controlled Format String vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable format string vulnerability exists in the iw_console conio_writestr functionality of the Moxa AWK-3131A firmware version 1.13. | 8.8 |
| 2020-02-25 | CVE-2019-5142 | OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. | 7.2 |
| 2020-02-25 | CVE-2019-5141 | OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable command injection vulnerability exists in the iw_webs functionality of the Moxa AWK-3131A firmware version 1.13. | 8.8 |
| 2020-02-25 | CVE-2019-5140 | OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. | 8.8 |
| 2020-02-25 | CVE-2019-5139 | Use of Hard-coded Credentials vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities of the Moxa AWK-3131A firmware version 1.13. | 7.1 |
| 2020-02-25 | CVE-2019-5138 | OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. | 9.9 |
| 2020-02-25 | CVE-2019-5137 | Use of Hard-coded Credentials vulnerability in Moxa Awk-3131A Firmware 1.13 The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13. | 7.5 |
| 2020-02-25 | CVE-2019-5136 | Unspecified vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable privilege escalation vulnerability exists in the iw_console functionality of the Moxa AWK-3131A firmware version 1.13. | 8.8 |
| 2020-02-14 | CVE-2020-8858 | OS Command Injection vulnerability in Moxa products This vulnerability allows remote attackers to execute arbitrary code on affected installations of Moxa MGate 5105-MB-EIP firmware version 4.1. | 8.8 |