Vulnerabilities > Moxa
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-31 | CVE-2023-6094 | Cleartext Transmission of Sensitive Information vulnerability in Moxa Oncell G3150A-Lte Firmware 1.3 A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. | 5.3 |
| 2023-12-23 | CVE-2023-5961 | Cross-Site Request Forgery (CSRF) vulnerability in Moxa products A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. | 8.8 |
| 2023-12-23 | CVE-2023-5962 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Moxa products A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. | 6.5 |
| 2023-11-02 | CVE-2023-4217 | Exposure of Resource to Wrong Sphere vulnerability in Moxa Eds-G503 Firmware A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. | 5.3 |
| 2023-11-02 | CVE-2023-5035 | Cleartext Transmission of Sensitive Information vulnerability in Moxa Eds-G503 Firmware A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the cookie to be transmitted in plaintext over an HTTP session. | 5.3 |
| 2023-11-01 | CVE-2023-5627 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Moxa products A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable. | 7.5 |
| 2023-11-01 | CVE-2023-4452 | Classic Buffer Overflow vulnerability in Moxa products A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability. | 7.5 |
| 2023-10-03 | CVE-2023-4929 | Improper Validation of Integrity Check Value vulnerability in Moxa products All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. | 8.8 |
| 2023-09-02 | CVE-2023-39979 | Use of Insufficiently Random Values vulnerability in Moxa Mxsecurity 1.0/1.0.1/1.1.0 There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. | 9.8 |
| 2023-09-02 | CVE-2023-39980 | SQL Injection vulnerability in Moxa Mxsecurity 1.0/1.0.1 A vulnerability that allows the unauthorized disclosure of authenticated information has been identified in MXsecurity versions prior to v1.0.1. | 8.1 |