Vulnerabilities > Moxa > High

DATE CVE VULNERABILITY TITLE RISK
2024-10-18 CVE-2024-4739 Unspecified vulnerability in Moxa Mxsecurity 1.0/1.0.1/1.1.0
The lack of access restriction to a resource from unauthorized users makes MXsecurity software versions v1.1.0 and prior vulnerable.
network
low complexity
moxa
7.5
2024-10-18 CVE-2024-4740 Use of Hard-coded Credentials vulnerability in Moxa Mxsecurity 1.0/1.0.1
MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded credentials.
network
low complexity
moxa CWE-798
7.5
2024-09-21 CVE-2024-6785 Cleartext Storage of Sensitive Information vulnerability in Moxa Mxview ONE and Mxview ONE Central Manager
The configuration file stores credentials in cleartext.
local
low complexity
moxa CWE-312
7.1
2024-06-25 CVE-2024-4639 Command Injection vulnerability in Moxa products
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in IPSec configuration.
network
low complexity
moxa CWE-77
8.8
2024-06-25 CVE-2024-4640 Classic Buffer Overflow vulnerability in Moxa products
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations.
network
low complexity
moxa CWE-120
8.2
2024-06-25 CVE-2024-4638 Command Injection vulnerability in Moxa products
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in the web key upload function.
network
low complexity
moxa CWE-77
8.8
2024-03-06 CVE-2024-1220 Out-of-bounds Write vulnerability in Moxa products
A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service.
network
low complexity
moxa CWE-787
7.5
2023-12-23 CVE-2023-5961 Cross-Site Request Forgery (CSRF) vulnerability in Moxa products
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior.
network
low complexity
moxa CWE-352
8.8
2023-11-01 CVE-2023-5627 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Moxa products
A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable.
network
low complexity
moxa CWE-327
7.5
2023-11-01 CVE-2023-4452 Classic Buffer Overflow vulnerability in Moxa products
A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability.
network
low complexity
moxa CWE-120
7.5