Vulnerabilities > Moxa > High

DATE CVE VULNERABILITY TITLE RISK
2017-11-16 CVE-2017-14028 Resource Exhaustion vulnerability in Moxa products
A Resource Exhaustion issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior.
network
low complexity
moxa CWE-400
7.5
7.5
2017-05-29 CVE-2017-7917 Cross-Site Request Forgery (CSRF) vulnerability in Moxa products
A Cross-Site Request Forgery issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions, OnCell 5104-HSDPA, OnCell 5104-HSPA, and OnCell 5004-HSPA.
network
low complexity
moxa CWE-352
8.8
8.8
2017-04-14 CVE-2017-7456 Improper Input Validation vulnerability in Moxa Mxview 2.8
Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials.
network
low complexity
moxa CWE-20
7.5
7.5
2017-04-14 CVE-2017-7455 Information Exposure vulnerability in Moxa Mxview 2.8
Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control.
network
low complexity
moxa CWE-200
7.5
7.5
2017-04-13 CVE-2016-8727 Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point.
network
low complexity
moxa CWE-200
7.5
7.5
2017-04-13 CVE-2016-8726 NULL Pointer Dereference vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable null pointer dereference vulnerability exists in the Web Application /forms/web_runScript iw_filename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1.
network
low complexity
moxa CWE-476
7.5
7.5
2017-04-13 CVE-2016-8723 NULL Pointer Dereference vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1.
network
low complexity
moxa CWE-476
7.5
7.5
2017-04-13 CVE-2016-8712 Insufficient Session Expiration vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1.
network
high complexity
moxa CWE-613
8.1
8.1
2017-04-12 CVE-2016-8718 Cross-Site Request Forgery (CSRF) vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1.
network
low complexity
moxa CWE-352
8.8
8.8
2017-04-12 CVE-2016-8716 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1.
high complexity
moxa CWE-640
7.5
7.5