Vulnerabilities > Moxa

DATE CVE VULNERABILITY TITLE RISK
2017-04-14 CVE-2017-7457 XXE vulnerability in Moxa Mx-Aopc Server 1.5
XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file disclosure.
local
low complexity
moxa CWE-611
5.0
5.0
2017-04-14 CVE-2017-7456 Improper Input Validation vulnerability in Moxa Mxview 2.8
Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials.
network
low complexity
moxa CWE-20
7.5
7.5
2017-04-14 CVE-2017-7455 Information Exposure vulnerability in Moxa Mxview 2.8
Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control.
network
low complexity
moxa CWE-200
7.5
7.5
2017-04-13 CVE-2016-8727 Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point.
network
low complexity
moxa CWE-200
7.5
7.5
2017-04-13 CVE-2016-8726 NULL Pointer Dereference vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable null pointer dereference vulnerability exists in the Web Application /forms/web_runScript iw_filename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1.
network
low complexity
moxa CWE-476
7.5
7.5
2017-04-13 CVE-2016-8725 Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1.
network
low complexity
moxa CWE-200
5.3
5.3
2017-04-13 CVE-2016-8724 Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable information disclosure vulnerability exists in the serviceAgent functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1.
network
low complexity
moxa CWE-200
5.3
5.3
2017-04-13 CVE-2016-8723 NULL Pointer Dereference vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1.
network
low complexity
moxa CWE-476
7.5
7.5
2017-04-13 CVE-2016-8722 Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client.
network
low complexity
moxa CWE-200
5.3
5.3
2017-04-13 CVE-2016-8720 Injection vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1.
network
low complexity
moxa CWE-74
4.3
4.3