Vulnerabilities > Moxa

DATE CVE VULNERABILITY TITLE RISK
2017-11-17 CVE-2017-13700 Cross-site Scripting vulnerability in Moxa Eds-G512E Firmware 5.1
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices.
network
low complexity
moxa CWE-79
4.8
2017-11-16 CVE-2017-16719 Injection vulnerability in Moxa products
An Injection issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior.
network
low complexity
moxa CWE-74
7.5
2017-11-16 CVE-2017-16715 Information Exposure vulnerability in Moxa products
An Information Exposure issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior.
network
low complexity
moxa CWE-200
7.5
2017-11-16 CVE-2017-14028 Resource Exhaustion vulnerability in Moxa products
A Resource Exhaustion issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior.
network
low complexity
moxa CWE-400
7.5
2017-05-29 CVE-2017-7917 Cross-Site Request Forgery (CSRF) vulnerability in Moxa products
A Cross-Site Request Forgery issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions, OnCell 5104-HSDPA, OnCell 5104-HSPA, and OnCell 5004-HSPA.
network
low complexity
moxa CWE-352
8.8
2017-05-29 CVE-2017-7915 Improper Restriction of Excessive Authentication Attempts vulnerability in Moxa products
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions, OnCell 5104-HSDPA, OnCell 5104-HSPA, and OnCell 5004-HSPA.
network
low complexity
moxa CWE-307
critical
9.8
2017-05-29 CVE-2017-7913 Insufficiently Protected Credentials vulnerability in Moxa products
A Plaintext Storage of a Password issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions, OnCell 5104-HSDPA, OnCell 5104-HSPA, and OnCell 5004-HSPA.
network
low complexity
moxa CWE-522
critical
9.8
2017-04-20 CVE-2016-8721 OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1.
network
low complexity
moxa CWE-78
critical
9.1
2017-04-14 CVE-2017-7457 XXE vulnerability in Moxa Mx-Aopc Server 1.5
XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file disclosure.
local
low complexity
moxa CWE-611
5.0
2017-04-14 CVE-2017-7456 Improper Input Validation vulnerability in Moxa Mxview 2.8
Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials.
network
low complexity
moxa CWE-20
7.5