Vulnerabilities > Moxa > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-02 | CVE-2023-39979 | Use of Insufficiently Random Values vulnerability in Moxa Mxsecurity 1.0/1.0.1 There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. | 9.8 |
| 2023-08-17 | CVE-2023-34215 | Command Injection vulnerability in Moxa Tn-5900 Firmware 3.1/3.2/3.3 TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. | 9.8 |
| 2023-08-17 | CVE-2023-33238 | Command Injection vulnerability in Moxa Tn-4900 Firmware and Tn-5900 Firmware TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. | 9.8 |
| 2023-08-17 | CVE-2023-33239 | Command Injection vulnerability in Moxa Tn-4900 Firmware and Tn-5900 Firmware TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. | 9.8 |
| 2023-08-17 | CVE-2023-34213 | Command Injection vulnerability in Moxa Tn-5900 Firmware 3.1/3.2/3.3 TN-5900 Series firmware versions v3.3 and prior are vulnerable to command-injection vulnerability. | 9.8 |
| 2023-08-17 | CVE-2023-34214 | Command Injection vulnerability in Moxa Tn-4900 Firmware and Tn-5900 Firmware TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. | 9.8 |
| 2023-08-16 | CVE-2023-4204 | Use of Hard-coded Credentials vulnerability in Moxa Nport Iaw5000A-I/O Firmware NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. | 9.8 |
| 2023-05-22 | CVE-2023-33236 | Use of Hard-coded Credentials vulnerability in Moxa Mxsecurity 1.0 MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. | 9.8 |
| 2023-04-27 | CVE-2023-28697 | Missing Authentication for Critical Function vulnerability in Moxa Miineport E1 Firmware 1.7.2 Moxa MiiNePort E1 has a vulnerability of insufficient access control. | 9.8 |
| 2022-04-14 | CVE-2021-40390 | Use of Hard-coded Credentials vulnerability in Moxa Mxview 3.2.4 An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. | 9.8 |