Vulnerabilities > Moxa > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-03 | CVE-2023-4929 | Improper Validation of Integrity Check Value vulnerability in Moxa products All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. | 8.8 |
| 2023-09-02 | CVE-2023-39980 | SQL Injection vulnerability in Moxa Mxsecurity 1.0/1.0.1 A vulnerability that allows the unauthorized disclosure of authenticated information has been identified in MXsecurity versions prior to v1.0.1. | 8.1 |
| 2023-09-02 | CVE-2023-39981 | Improper Authentication vulnerability in Moxa Mxsecurity 1.0/1.0.1 A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions prior to v1.0.1. | 7.5 |
| 2023-08-17 | CVE-2023-34216 | Path Traversal vulnerability in Moxa Tn-4900 Firmware and Tn-5900 Firmware TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. | 8.1 |
| 2023-08-17 | CVE-2023-34217 | Path Traversal vulnerability in Moxa Tn-4900 Firmware and Tn-5900 Firmware TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. | 8.1 |
| 2023-08-17 | CVE-2023-33237 | Improper Authentication vulnerability in Moxa Tn-5900 Firmware 3.1/3.2/3.3 TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication vulnerability. | 8.8 |
| 2023-05-22 | CVE-2023-33235 | Command Injection vulnerability in Moxa Mxsecurity 1.0 MXsecurity version 1.0 is vulnearble to command injection vulnerability. | 8.8 |
| 2023-02-07 | CVE-2022-40224 | Unspecified vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. | 7.5 |
| 2023-02-07 | CVE-2022-40693 | Cleartext Transmission of Sensitive Information vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. | 7.5 |
| 2022-12-02 | CVE-2022-3086 | Unspecified vulnerability in Moxa products Cradlepoint IBR600 NCOS versions 6.5.0.160bc2e and prior are vulnerable to shell escape, which enables local attackers with non-superuser credentials to gain full, unrestrictive shell access which may allow an attacker to execute arbitrary code. low complexity moxa | 7.6 |