Vulnerabilities > Moxa
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-05-31 | CVE-2016-0875 | Information Exposure Through Log Files vulnerability in Moxa Edr-G903 Firmware Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a crafted URL. | 7.5 |
| 2016-03-04 | CVE-2016-2283 | Credentials Management vulnerability in Moxa Ioadmin Firmware and Iologik Firmware Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utility before 3.18 do not properly encrypt data, which makes it easier for remote attackers to obtain the associated cleartext via unspecified vectors. | 5.3 |
| 2016-03-04 | CVE-2016-2282 | Credentials Management vulnerability in Moxa Ioadmin Firmware and Iologik Firmware Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utility before 3.18 do not properly encrypt credentials, which makes it easier for remote attackers to obtain the associated cleartext via unspecified vectors. | 5.3 |
| 2015-12-21 | CVE-2015-6481 | Unspecified vulnerability in Moxa Oncell Central Manager 2.0 The login function in the RequestController class in Moxa OnCell Central Manager before 2.2 has a hardcoded root password, which allows remote attackers to obtain administrative access via a login session. | 8.3 |
| 2015-12-21 | CVE-2015-6480 | Improper Authentication vulnerability in Moxa Oncell Central Manager 2.0 The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require authentication, which allows remote attackers to obtain administrative access via a command, as demonstrated by the addUserAndGroup action. | 8.3 |