Vulnerabilities > Moxa
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-26 | CVE-2021-46559 | Insufficient Verification of Data Authenticity vulnerability in Moxa Tn-5900 Firmware 3.1 The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to defeat an inspection mechanism for integrity protection. | 7.5 |
| 2022-01-26 | CVE-2021-46560 | Command Injection vulnerability in Moxa Tn-5900 Firmware 3.1 The firmware on Moxa TN-5900 devices through 3.1 allows command injection that could lead to device damage. | 9.8 |
| 2021-12-27 | CVE-2021-4161 | Unspecified vulnerability in Moxa products The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. | 7.5 |
| 2021-10-12 | CVE-2021-38452 | Unspecified vulnerability in Moxa Mxview A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. | 9.1 |
| 2021-10-12 | CVE-2021-38454 | Path Traversal vulnerability in Moxa Mxview A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. | 10.0 |
| 2021-10-12 | CVE-2021-38456 | Use of Hard-coded Credentials vulnerability in Moxa Mxview A use of hard-coded password vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to gain access through accounts using default passwords | 9.8 |
| 2021-10-12 | CVE-2021-38458 | Injection vulnerability in Moxa Mxview A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. | 9.8 |
| 2021-10-12 | CVE-2021-38460 | Path Traversal vulnerability in Moxa Mxview A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. | 7.5 |
| 2021-09-07 | CVE-2021-39278 | Cross-site Scripting vulnerability in Moxa products Certain MOXA devices allow reflected XSS via the Config Import menu. | 6.1 |
| 2021-09-07 | CVE-2021-39279 | OS Command Injection vulnerability in Moxa products Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. | 8.8 |