High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-06	CVE-2018-19659	OS Command Injection vulnerability in Moxa Nport W2X50A Firmware 1.11 An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. network low complexity moxa CWE-78	8.8
2018-10-19	CVE-2018-18392	Unspecified vulnerability in Moxa Thingspro 2.1 Privilege Escalation via Broken Access Control in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. network low complexity moxa	8.8
2018-10-19	CVE-2018-18391	Unspecified vulnerability in Moxa Thingspro 2.1 User Privilege Escalation in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. network low complexity moxa	8.8
2018-10-19	CVE-2018-18390	Information Exposure vulnerability in Moxa Thingspro 2.1 User Enumeration in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. network low complexity moxa CWE-200	7.5
2018-09-20	CVE-2018-16282	OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.2 A command injection vulnerability in the web server functionality of Moxa EDR-810 V4.2 build 18041013 allows remote attackers to execute arbitrary OS commands with root privilege via the caname parameter to the /xml/net_WebCADELETEGetValue URI. network low complexity moxa CWE-78	8.8
2018-07-24	CVE-2018-10632	Resource Exhaustion vulnerability in Moxa products In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and prior, the amount of resources requested by a malicious actor are not restricted, allowing for a denial-of-service condition. network low complexity moxa CWE-400	7.5
2018-05-14	CVE-2017-14439	Improper Input Validation vulnerability in Moxa Edr-810 Firmware 4.1 Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. network low complexity moxa CWE-20	7.5
2018-05-14	CVE-2017-14438	Improper Input Validation vulnerability in Moxa Edr-810 Firmware 4.1 Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. network low complexity moxa CWE-20	7.5
2018-05-14	CVE-2017-14437	NULL Pointer Dereference vulnerability in Moxa Edr-810 Firmware 4.1 An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. network low complexity moxa CWE-476	7.5
2018-05-14	CVE-2017-14436	NULL Pointer Dereference vulnerability in Moxa Edr-810 Firmware 4.1 An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. network low complexity moxa CWE-476	7.5