Vulnerabilities > Moxa > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-28 | CVE-2022-3088 | Unspecified vulnerability in Moxa products UC-8100A-ME-T System Image: Versions v1.0 to v1.6, UC-2100 System Image: Versions v1.0 to v1.12, UC-2100-W System Image: Versions v1.0 to v 1.12, UC-3100 System Image: Versions v1.0 to v1.6, UC-5100 System Image: Versions v1.0 to v1.4, UC-8100 System Image: Versions v3.0 to v3.5, UC-8100-ME-T System Image: Versions v3.0 and v3.1, UC-8200 System Image: v1.0 to v1.5, AIG-300 System Image: v1.0 to v1.4, UC-8410A with Debian 9 System Image: Versions v4.0.2 and v4.1.2, UC-8580 with Debian 9 System Image: Versions v2.0 and v2.1, UC-8540 with Debian 9 System Image: Versions v2.0 and v2.1, and DA-662C-16-LX (GLB) System Image: Versions v1.0.2 to v1.1.2 of Moxa's ARM-based computers have an execution with unnecessary privileges vulnerability, which could allow an attacker with user-level privileges to gain root privileges. | 7.8 |
| 2022-08-31 | CVE-2022-2043 | Unspecified vulnerability in Moxa Nport 5110 Firmware 2.10 MOXA NPort 5110: Firmware Versions 2.10 is vulnerable to an out-of-bounds write that can cause the device to become unresponsive. | 7.5 |
| 2022-08-31 | CVE-2022-2044 | Unspecified vulnerability in Moxa Nport 5110 Firmware 2.10 MOXA NPort 5110: Firmware Versions 2.10 is vulnerable to an out-of-bounds write that may allow an attacker to overwrite values in memory, causing a denial-of-service condition or potentially bricking the device. | 8.2 |
| 2022-04-15 | CVE-2022-27048 | Unspecified vulnerability in Moxa products A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device. | 7.4 |
| 2022-04-14 | CVE-2021-40392 | Cleartext Transmission of Sensitive Information vulnerability in Moxa Mxview 3.2.4 An information disclosure vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. | 7.5 |
| 2022-04-01 | CVE-2021-32968 | Classic Buffer Overflow vulnerability in Moxa products Two buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O Series firmware version 2.2 or earlier may allow a remote attacker to cause a denial-of-service condition. | 7.5 |
| 2022-04-01 | CVE-2021-32970 | Improper Input Validation vulnerability in Moxa products Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier, which may allow a remote attacker to cause denial-of-service conditions. | 7.5 |
| 2022-02-18 | CVE-2021-46082 | Memory Leak vulnerability in Moxa products Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via crafted packets. | 7.5 |
| 2022-01-26 | CVE-2021-46559 | Insufficient Verification of Data Authenticity vulnerability in Moxa Tn-5900 Firmware 3.1 The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to defeat an inspection mechanism for integrity protection. | 7.5 |
| 2021-12-27 | CVE-2021-4161 | Unspecified vulnerability in Moxa products The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. | 7.5 |