Vulnerabilities > Moxa

DATE CVE VULNERABILITY TITLE RISK
2022-04-15 CVE-2022-27048 Unspecified vulnerability in Moxa products
A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device.
network
high complexity
moxa
7.4
2022-04-14 CVE-2021-40390 Use of Hard-coded Credentials vulnerability in Moxa Mxview 3.2.4
An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4.
network
low complexity
moxa CWE-798
critical
9.8
2022-04-14 CVE-2021-40392 Cleartext Transmission of Sensitive Information vulnerability in Moxa Mxview 3.2.4
An information disclosure vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4.
network
low complexity
moxa CWE-319
7.5
2022-04-01 CVE-2021-32968 Classic Buffer Overflow vulnerability in Moxa products
Two buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O Series firmware version 2.2 or earlier may allow a remote attacker to cause a denial-of-service condition.
network
low complexity
moxa CWE-120
7.5
2022-04-01 CVE-2021-32970 Improper Input Validation vulnerability in Moxa products
Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier, which may allow a remote attacker to cause denial-of-service conditions.
network
low complexity
moxa CWE-20
7.5
2022-04-01 CVE-2021-32974 OS Command Injection vulnerability in Moxa products
Improper input validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to execute commands.
network
low complexity
moxa CWE-78
critical
9.8
2022-04-01 CVE-2021-32976 Out-of-bounds Write vulnerability in Moxa products
Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code.
network
low complexity
moxa CWE-787
critical
9.8
2022-02-18 CVE-2021-46082 Memory Leak vulnerability in Moxa products
Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via crafted packets.
network
low complexity
moxa CWE-401
7.5
2022-01-26 CVE-2021-46559 Insufficient Verification of Data Authenticity vulnerability in Moxa Tn-5900 Firmware 3.1
The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to defeat an inspection mechanism for integrity protection.
network
low complexity
moxa CWE-345
7.5
2022-01-26 CVE-2021-46560 Command Injection vulnerability in Moxa Tn-5900 Firmware 3.1
The firmware on Moxa TN-5900 devices through 3.1 allows command injection that could lead to device damage.
network
low complexity
moxa CWE-77
critical
9.8