Vulnerabilities > Moxa > High

DATE CVE VULNERABILITY TITLE RISK
2024-10-18 CVE-2024-4739 Unspecified vulnerability in Moxa Mxsecurity 1.0/1.0.1/1.1.0
The lack of access restriction to a resource from unauthorized users makes MXsecurity software versions v1.1.0 and prior vulnerable.
network
low complexity
moxa
7.5
2024-10-18 CVE-2024-4740 Use of Hard-coded Credentials vulnerability in Moxa Mxsecurity 1.0/1.0.1
MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded credentials.
network
low complexity
moxa CWE-798
7.5
2024-09-21 CVE-2024-6785 Cleartext Storage of Sensitive Information vulnerability in Moxa Mxview ONE and Mxview ONE Central Manager
The configuration file stores credentials in cleartext.
local
low complexity
moxa CWE-312
7.1
2024-06-25 CVE-2024-4639 Command Injection vulnerability in Moxa products
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in IPSec configuration.
network
low complexity
moxa CWE-77
8.8
2024-06-25 CVE-2024-4640 Classic Buffer Overflow vulnerability in Moxa products
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations.
network
low complexity
moxa CWE-120
8.2
2024-06-25 CVE-2024-4638 Command Injection vulnerability in Moxa products
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in the web key upload function.
network
low complexity
moxa CWE-77
8.8
2023-12-23 CVE-2023-5961 Cross-Site Request Forgery (CSRF) vulnerability in Moxa products
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior.
network
low complexity
moxa CWE-352
8.8
2023-11-01 CVE-2023-5627 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Moxa products
A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable.
network
low complexity
moxa CWE-327
7.5
2023-11-01 CVE-2023-4452 Classic Buffer Overflow vulnerability in Moxa products
A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability.
network
low complexity
moxa CWE-120
7.5
2023-10-03 CVE-2023-4929 Improper Validation of Integrity Check Value vulnerability in Moxa products
All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability.
network
low complexity
moxa CWE-354
8.8