Vulnerabilities > Moxa
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-26 | CVE-2021-46560 | Command Injection vulnerability in Moxa Tn-5900 Firmware 3.1 The firmware on Moxa TN-5900 devices through 3.1 allows command injection that could lead to device damage. | 9.8 |
| 2021-12-27 | CVE-2021-4161 | Cleartext Transmission of Sensitive Information vulnerability in Moxa products The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. | 7.5 |
| 2021-10-12 | CVE-2021-38452 | Path Traversal vulnerability in Moxa Mxview A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. | 9.1 |
| 2021-10-12 | CVE-2021-38454 | Path Traversal vulnerability in Moxa Mxview A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. | 10.0 |
| 2021-10-12 | CVE-2021-38456 | Use of Hard-coded Credentials vulnerability in Moxa Mxview A use of hard-coded password vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to gain access through accounts using default passwords | 9.8 |
| 2021-10-12 | CVE-2021-38458 | Injection vulnerability in Moxa Mxview A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. | 9.8 |
| 2021-10-12 | CVE-2021-38460 | Path Traversal vulnerability in Moxa Mxview A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. | 7.5 |
| 2021-09-07 | CVE-2021-39278 | Cross-site Scripting vulnerability in Moxa products Certain MOXA devices allow reflected XSS via the Config Import menu. | 6.1 |
| 2021-09-07 | CVE-2021-39279 | OS Command Injection vulnerability in Moxa products Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. | 8.8 |
| 2021-06-18 | CVE-2021-33823 | Unspecified vulnerability in Moxa Mgate Mb3180 Firmware 2.1 An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. | 7.5 |