Vulnerabilities > Moxa
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-31 | CVE-2022-2044 | Out-of-bounds Write vulnerability in Moxa Nport 5110 Firmware 2.10 MOXA NPort 5110: Firmware Versions 2.10 is vulnerable to an out-of-bounds write that may allow an attacker to overwrite values in memory, causing a denial-of-service condition or potentially bricking the device. | 8.2 |
| 2022-04-15 | CVE-2022-27048 | Unspecified vulnerability in Moxa products A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device. | 7.4 |
| 2022-04-14 | CVE-2021-40390 | Use of Hard-coded Credentials vulnerability in Moxa Mxview 3.2.4 An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. | 9.8 |
| 2022-04-14 | CVE-2021-40392 | Cleartext Transmission of Sensitive Information vulnerability in Moxa Mxview 3.2.4 An information disclosure vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. | 7.5 |
| 2022-04-01 | CVE-2021-32968 | Classic Buffer Overflow vulnerability in Moxa products Two buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O Series firmware version 2.2 or earlier may allow a remote attacker to cause a denial-of-service condition. | 7.5 |
| 2022-04-01 | CVE-2021-32970 | Improper Input Validation vulnerability in Moxa products Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier, which may allow a remote attacker to cause denial-of-service conditions. | 7.5 |
| 2022-04-01 | CVE-2021-32974 | OS Command Injection vulnerability in Moxa products Improper input validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to execute commands. | 9.8 |
| 2022-04-01 | CVE-2021-32976 | Out-of-bounds Write vulnerability in Moxa products Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code. | 9.8 |
| 2022-02-18 | CVE-2021-46082 | Memory Leak vulnerability in Moxa products Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via crafted packets. | 7.5 |
| 2022-01-26 | CVE-2021-46559 | Insufficient Verification of Data Authenticity vulnerability in Moxa Tn-5900 Firmware 3.1 The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to defeat an inspection mechanism for integrity protection. | 7.5 |