Vulnerabilities > Moxa

DATE CVE VULNERABILITY TITLE RISK
2021-12-27 CVE-2021-4161 Unspecified vulnerability in Moxa products
The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details.
network
low complexity
moxa
7.5
2021-10-12 CVE-2021-38452 Unspecified vulnerability in Moxa Mxview
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
network
low complexity
moxa
critical
9.1
2021-10-12 CVE-2021-38454 Path Traversal vulnerability in Moxa Mxview
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
network
low complexity
moxa CWE-22
critical
10.0
2021-10-12 CVE-2021-38456 Use of Hard-coded Credentials vulnerability in Moxa Mxview
A use of hard-coded password vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to gain access through accounts using default passwords
network
low complexity
moxa CWE-798
critical
9.8
2021-10-12 CVE-2021-38458 Injection vulnerability in Moxa Mxview
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
network
low complexity
moxa CWE-74
critical
9.8
2021-10-12 CVE-2021-38460 Path Traversal vulnerability in Moxa Mxview
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
network
low complexity
moxa CWE-22
7.5
2021-09-07 CVE-2021-39278 Cross-site Scripting vulnerability in Moxa products
Certain MOXA devices allow reflected XSS via the Config Import menu.
network
low complexity
moxa CWE-79
6.1
2021-09-07 CVE-2021-39279 OS Command Injection vulnerability in Moxa products
Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP.
network
low complexity
moxa CWE-78
8.8
2021-06-18 CVE-2021-33823 Unspecified vulnerability in Moxa Mgate Mb3180 Firmware 2.1
An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012.
network
low complexity
moxa
7.5
2021-06-18 CVE-2021-33824 Resource Exhaustion vulnerability in Moxa Mgate Mb3180 Firmware 2.1
An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012.
network
low complexity
moxa CWE-400
7.5