Vulnerabilities > Moxa
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-19 | CVE-2018-18396 | Unspecified vulnerability in Moxa Thingspro 2.1 Remote Code Execution in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. | 9.8 |
| 2018-10-19 | CVE-2018-18395 | Unspecified vulnerability in Moxa Thingspro 2.1 Hidden Token Access in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. | 9.8 |
| 2018-10-19 | CVE-2018-18394 | Cleartext Storage of Sensitive Information vulnerability in Moxa Thingspro 2.1 Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. | 9.8 |
| 2018-10-19 | CVE-2018-18393 | Unspecified vulnerability in Moxa Thingspro 2.1 Password Management Issue in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. | 9.8 |
| 2018-10-19 | CVE-2018-18392 | Unspecified vulnerability in Moxa Thingspro 2.1 Privilege Escalation via Broken Access Control in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. | 8.8 |
| 2018-10-19 | CVE-2018-18391 | Unspecified vulnerability in Moxa Thingspro 2.1 User Privilege Escalation in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. | 8.8 |
| 2018-10-19 | CVE-2018-18390 | Information Exposure vulnerability in Moxa Thingspro 2.1 User Enumeration in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. | 7.5 |
| 2018-09-20 | CVE-2018-16282 | OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.2 A command injection vulnerability in the web server functionality of Moxa EDR-810 V4.2 build 18041013 allows remote attackers to execute arbitrary OS commands with root privilege via the caname parameter to the /xml/net_WebCADELETEGetValue URI. | 8.8 |
| 2018-07-24 | CVE-2018-10632 | Resource Exhaustion vulnerability in Moxa products In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and prior, the amount of resources requested by a malicious actor are not restricted, allowing for a denial-of-service condition. | 7.5 |
| 2018-05-14 | CVE-2017-14439 | Improper Input Validation vulnerability in Moxa Edr-810 Firmware 4.1 Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. | 7.5 |