Vulnerabilities > Moxa > PT 7828 R 24 24 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-03-24 CVE-2020-6985 Use of Hard-coded Credentials vulnerability in Moxa products
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, these devices use a hard-coded service code for access to the console.
network
low complexity
moxa CWE-798
critical
9.8
2020-03-24 CVE-2020-6995 Weak Password Requirements vulnerability in Moxa products
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the application utilizes weak password requirements, which may allow an attacker to gain unauthorized access.
network
low complexity
moxa CWE-521
critical
9.8
2020-03-24 CVE-2020-6989 Out-of-bounds Write vulnerability in Moxa products
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, a buffer overflow in the web server allows remote attackers to cause a denial-of-service condition or execute arbitrary code.
network
low complexity
moxa CWE-787
critical
9.8