Vulnerabilities > Moxa
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-14 | CVE-2017-12126 | Cross-Site Request Forgery (CSRF) vulnerability in Moxa Edr-810 Firmware 4.1 An exploitable cross-site request forgery vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. | 8.8 |
| 2018-05-14 | CVE-2017-12125 | OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.1 An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. | 8.8 |
| 2018-05-14 | CVE-2017-12124 | NULL Pointer Dereference vulnerability in Moxa Edr-810 Firmware 4.1 An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. | 6.5 |
| 2018-05-14 | CVE-2017-12123 | Insufficiently Protected Credentials vulnerability in Moxa Edr-810 Firmware 4.1 An exploitable clear text transmission of password vulnerability exists in the web server and telnet functionality of Moxa EDR-810 V4.1 build 17030317. | 8.8 |
| 2018-05-14 | CVE-2017-12121 | OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.1 An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. | 8.8 |
| 2018-05-14 | CVE-2017-12120 | OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.1 An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. | 8.8 |
| 2018-04-11 | CVE-2017-14459 | OS Command Injection vulnerability in Moxa Awk-3131A Firmware An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 to 1.7 (current). | 9.8 |
| 2018-04-06 | CVE-2018-7506 | Information Exposure vulnerability in Moxa Mxview The private key of the web server in Moxa MXview versions 2.8 and prior is able to be read and accessed via an HTTP GET request, which may allow a remote attacker to decrypt encrypted information. | 7.5 |
| 2018-04-02 | CVE-2016-8717 | Use of Hard-coded Credentials vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. | 9.8 |
| 2018-03-05 | CVE-2018-5455 | Improper Authentication vulnerability in Moxa products A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. | 9.8 |