Vulnerabilities > Moxa > PT 7528 12Mst 12Tx 4Gsfp HV HV Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-03-24 CVE-2020-6995 Weak Password Requirements vulnerability in Moxa products
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the application utilizes weak password requirements, which may allow an attacker to gain unauthorized access.
network
low complexity
moxa CWE-521
7.5
2020-03-24 CVE-2020-6993 Information Exposure vulnerability in Moxa products
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, an attacker can gain access to sensitive information from the web service without authorization.
network
low complexity
moxa CWE-200
5.0
2020-03-24 CVE-2020-6985 Use of Hard-coded Credentials vulnerability in Moxa products
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, these devices use a hard-coded service code for access to the console.
network
low complexity
moxa CWE-798
critical
10.0
2020-03-24 CVE-2020-6989 Out-of-bounds Write vulnerability in Moxa products
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, a buffer overflow in the web server allows remote attackers to cause a denial-of-service condition or execute arbitrary code.
network
low complexity
moxa CWE-787
7.5
2020-03-24 CVE-2020-6987 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Moxa products
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed.
network
low complexity
moxa CWE-327
5.0
2020-03-24 CVE-2020-6983 Use of Hard-coded Credentials vulnerability in Moxa products
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a hard-coded cryptographic key, which increases the possibility that confidential data can be recovered.
network
low complexity
moxa CWE-798
5.0