Vulnerabilities > Moxa

DATE CVE VULNERABILITY TITLE RISK
2023-02-07 CVE-2022-40224 Unspecified vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware
A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1.
network
low complexity
moxa
7.5
2023-02-07 CVE-2022-40691 Unspecified vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware
An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1.
network
low complexity
moxa
5.3
2023-02-07 CVE-2022-40693 Cleartext Transmission of Sensitive Information vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware
A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1.
network
low complexity
moxa CWE-319
7.5
2023-02-07 CVE-2022-41311 Cross-site Scripting vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1.
network
low complexity
moxa CWE-79
5.4
2023-02-07 CVE-2022-41312 Cross-site Scripting vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1.
network
low complexity
moxa CWE-79
5.4
2023-02-07 CVE-2022-41313 Cross-site Scripting vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1.
network
low complexity
moxa CWE-79
5.4
2022-12-02 CVE-2022-3086 Unspecified vulnerability in Moxa products
Cradlepoint IBR600 NCOS versions 6.5.0.160bc2e and prior are vulnerable to shell escape, which enables local attackers with non-superuser credentials to gain full, unrestrictive shell access which may allow an attacker to execute arbitrary code.
low complexity
moxa
7.6
2022-11-28 CVE-2022-3088 Unspecified vulnerability in Moxa products
UC-8100A-ME-T System Image: Versions v1.0 to v1.6, UC-2100 System Image: Versions v1.0 to v1.12, UC-2100-W System Image: Versions v1.0 to v 1.12, UC-3100 System Image: Versions v1.0 to v1.6, UC-5100 System Image: Versions v1.0 to v1.4, UC-8100 System Image: Versions v3.0 to v3.5, UC-8100-ME-T System Image: Versions v3.0 and v3.1, UC-8200 System Image: v1.0 to v1.5, AIG-300 System Image: v1.0 to v1.4, UC-8410A with Debian 9 System Image: Versions v4.0.2 and v4.1.2, UC-8580 with Debian 9 System Image: Versions v2.0 and v2.1, UC-8540 with Debian 9 System Image: Versions v2.0 and v2.1, and DA-662C-16-LX (GLB) System Image: Versions v1.0.2 to v1.1.2 of Moxa's ARM-based computers have an execution with unnecessary privileges vulnerability, which could allow an attacker with user-level privileges to gain root privileges.
local
low complexity
moxa
7.8
2022-08-31 CVE-2022-2043 Unspecified vulnerability in Moxa Nport 5110 Firmware 2.10
MOXA NPort 5110: Firmware Versions 2.10 is vulnerable to an out-of-bounds write that can cause the device to become unresponsive.
network
low complexity
moxa
7.5
2022-08-31 CVE-2022-2044 Unspecified vulnerability in Moxa Nport 5110 Firmware 2.10
MOXA NPort 5110: Firmware Versions 2.10 is vulnerable to an out-of-bounds write that may allow an attacker to overwrite values in memory, causing a denial-of-service condition or potentially bricking the device.
network
low complexity
moxa
8.2