Vulnerabilities > Moxa > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-18 | CVE-2024-4739 | Unspecified vulnerability in Moxa Mxsecurity 1.0/1.0.1/1.1.0 The lack of access restriction to a resource from unauthorized users makes MXsecurity software versions v1.1.0 and prior vulnerable. | 7.5 |
| 2024-10-18 | CVE-2024-4740 | Use of Hard-coded Credentials vulnerability in Moxa Mxsecurity 1.0/1.0.1 MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded credentials. | 7.5 |
| 2024-09-21 | CVE-2024-6785 | Cleartext Storage of Sensitive Information vulnerability in Moxa Mxview ONE and Mxview ONE Central Manager The configuration file stores credentials in cleartext. | 7.1 |
| 2024-06-25 | CVE-2024-4639 | Command Injection vulnerability in Moxa products OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in IPSec configuration. | 8.8 |
| 2024-06-25 | CVE-2024-4640 | Classic Buffer Overflow vulnerability in Moxa products OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. | 8.2 |
| 2024-06-25 | CVE-2024-4638 | Command Injection vulnerability in Moxa products OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in the web key upload function. | 8.8 |
| 2024-03-06 | CVE-2024-1220 | Out-of-bounds Write vulnerability in Moxa products A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. | 7.5 |
| 2023-12-23 | CVE-2023-5961 | Cross-Site Request Forgery (CSRF) vulnerability in Moxa products A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. | 8.8 |
| 2023-11-01 | CVE-2023-5627 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Moxa products A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable. | 7.5 |
| 2023-11-01 | CVE-2023-4452 | Classic Buffer Overflow vulnerability in Moxa products A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability. | 7.5 |