Vulnerabilities > Moxa > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-06-25 CVE-2024-4641 Use of Externally-Controlled Format String vulnerability in Moxa products
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to accepting a format string from an external source as an argument.
network
low complexity
moxa CWE-134
critical
9.8
2023-09-02 CVE-2023-39979 Use of Insufficiently Random Values vulnerability in Moxa Mxsecurity 1.0/1.0.1
There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication.
network
low complexity
moxa CWE-330
critical
9.8
2023-08-17 CVE-2023-34215 Command Injection vulnerability in Moxa Tn-5900 Firmware 3.1/3.2/3.3
TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability.
network
low complexity
moxa CWE-77
critical
9.8
2023-08-17 CVE-2023-33238 Command Injection vulnerability in Moxa Tn-4900 Firmware and Tn-5900 Firmware
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability.
network
low complexity
moxa CWE-77
critical
9.8
2023-08-17 CVE-2023-33239 Command Injection vulnerability in Moxa Tn-4900 Firmware and Tn-5900 Firmware
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability.
network
low complexity
moxa CWE-77
critical
9.8
2023-08-17 CVE-2023-34213 Command Injection vulnerability in Moxa Tn-5900 Firmware 3.1/3.2/3.3
TN-5900 Series firmware versions v3.3 and prior are vulnerable to command-injection vulnerability.
network
low complexity
moxa CWE-77
critical
9.8
2023-08-17 CVE-2023-34214 Command Injection vulnerability in Moxa Tn-4900 Firmware and Tn-5900 Firmware
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability.
network
low complexity
moxa CWE-77
critical
9.8
2023-08-16 CVE-2023-4204 Use of Hard-coded Credentials vulnerability in Moxa Nport Iaw5000A-I/O Firmware 2.2
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device.
network
low complexity
moxa CWE-798
critical
9.8
2023-05-22 CVE-2023-33236 Use of Hard-coded Credentials vulnerability in Moxa Mxsecurity 1.0
MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability.
network
low complexity
moxa CWE-798
critical
9.8
2022-04-14 CVE-2021-40390 Use of Hard-coded Credentials vulnerability in Moxa Mxview 3.2.4
An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4.
network
low complexity
moxa CWE-798
critical
9.8