Vulnerabilities > Moxa > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-03-11 CVE-2019-9099 Classic Buffer Overflow vulnerability in Moxa products
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1.
network
low complexity
moxa CWE-120
critical
9.8
2020-03-11 CVE-2019-9096 Weak Password Requirements vulnerability in Moxa products
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1.
network
low complexity
moxa CWE-521
critical
9.8
2020-03-11 CVE-2019-9095 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Moxa products
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1.
network
low complexity
moxa CWE-327
critical
9.8
2020-02-25 CVE-2019-5138 OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13
An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13.
network
low complexity
moxa CWE-78
critical
9.9
2019-07-03 CVE-2018-11425 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Moxa products
Memory corruption issue was discovered in Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11424.
network
low complexity
moxa CWE-119
critical
9.8
2019-07-03 CVE-2018-11422 Cleartext Transmission of Sensitive Information vulnerability in Moxa products
Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary configuration protocol that does not provide confidentiality, integrity, and authenticity security controls.
network
low complexity
moxa CWE-319
critical
9.8
2019-07-03 CVE-2018-11421 Cleartext Transmission of Sensitive Information vulnerability in Moxa products
Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary monitoring protocol that does not provide confidentiality, integrity, and authenticity security controls.
network
low complexity
moxa CWE-319
critical
9.8
2019-07-03 CVE-2018-11420 Out-of-bounds Write vulnerability in Moxa products
There is Memory corruption in the web interface of Moxa OnCell G3100-HSPA Series version 1.5 Build 17042015 and prio,r a different vulnerability than CVE-2018-11423.
network
low complexity
moxa CWE-787
critical
9.8
2019-07-03 CVE-2018-11426 Improper Authentication vulnerability in Moxa products
A weak Cookie parameter is used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior.
network
low complexity
moxa CWE-287
critical
9.8
2019-06-07 CVE-2018-10698 Missing Encryption of Sensitive Data vulnerability in Moxa Awk-3121 Firmware 1.14
An issue was discovered on Moxa AWK-3121 1.14 devices.
network
low complexity
moxa CWE-311
critical
9.8