Vulnerabilities > Moxa

DATE CVE VULNERABILITY TITLE RISK
2018-05-14 CVE-2017-12125 OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-78
8.8
2018-05-14 CVE-2017-12124 NULL Pointer Dereference vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-476
6.5
2018-05-14 CVE-2017-12123 Insufficiently Protected Credentials vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable clear text transmission of password vulnerability exists in the web server and telnet functionality of Moxa EDR-810 V4.1 build 17030317.
low complexity
moxa CWE-522
8.8
2018-05-14 CVE-2017-12121 OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-78
8.8
2018-05-14 CVE-2017-12120 OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-78
8.8
2018-04-11 CVE-2017-14459 OS Command Injection vulnerability in Moxa Awk-3131A Firmware
An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 to 1.7 (current).
network
low complexity
moxa CWE-78
critical
9.8
2018-04-06 CVE-2018-7506 Information Exposure vulnerability in Moxa Mxview
The private key of the web server in Moxa MXview versions 2.8 and prior is able to be read and accessed via an HTTP GET request, which may allow a remote attacker to decrypt encrypted information.
network
low complexity
moxa CWE-200
7.5
2018-04-02 CVE-2016-8717 Use of Hard-coded Credentials vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1.
network
low complexity
moxa CWE-798
critical
9.8
2018-03-05 CVE-2018-5455 Improper Authentication vulnerability in Moxa products
A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior.
network
low complexity
moxa CWE-287
critical
9.8
2018-03-05 CVE-2018-5453 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Moxa products
An Improper Handling of Length Parameter Inconsistency issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior.
network
low complexity
moxa CWE-119
7.5