Vulnerabilities > Moxa > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-12-06 | CVE-2018-19659 | OS Command Injection vulnerability in Moxa Nport W2X50A Firmware 1.11 An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. | 8.8 |
2018-10-19 | CVE-2018-18392 | Unspecified vulnerability in Moxa Thingspro 2.1 Privilege Escalation via Broken Access Control in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. | 8.8 |
2018-10-19 | CVE-2018-18391 | Unspecified vulnerability in Moxa Thingspro 2.1 User Privilege Escalation in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. | 8.8 |
2018-10-19 | CVE-2018-18390 | Information Exposure vulnerability in Moxa Thingspro 2.1 User Enumeration in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. | 7.5 |
2018-09-20 | CVE-2018-16282 | OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.2 A command injection vulnerability in the web server functionality of Moxa EDR-810 V4.2 build 18041013 allows remote attackers to execute arbitrary OS commands with root privilege via the caname parameter to the /xml/net_WebCADELETEGetValue URI. | 8.8 |
2018-07-24 | CVE-2018-10632 | Resource Exhaustion vulnerability in Moxa products In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and prior, the amount of resources requested by a malicious actor are not restricted, allowing for a denial-of-service condition. | 7.5 |
2018-05-14 | CVE-2017-14439 | Improper Input Validation vulnerability in Moxa Edr-810 Firmware 4.1 Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. | 7.5 |
2018-05-14 | CVE-2017-14438 | Improper Input Validation vulnerability in Moxa Edr-810 Firmware 4.1 Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. | 7.5 |
2018-05-14 | CVE-2017-14437 | NULL Pointer Dereference vulnerability in Moxa Edr-810 Firmware 4.1 An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. | 7.5 |
2018-05-14 | CVE-2017-14436 | NULL Pointer Dereference vulnerability in Moxa Edr-810 Firmware 4.1 An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. | 7.5 |