Vulnerabilities > Moxa > High

DATE CVE VULNERABILITY TITLE RISK
2019-06-07 CVE-2018-10694 Missing Encryption of Sensitive Data vulnerability in Moxa Awk-3121 Firmware 1.14
An issue was discovered on Moxa AWK-3121 1.14 devices.
network
high complexity
moxa CWE-311
8.1
8.1
2019-06-07 CVE-2018-10690 Missing Encryption of Sensitive Data vulnerability in Moxa Awk-3121 Firmware 1.14
An issue was discovered on Moxa AWK-3121 1.14 devices.
network
high complexity
moxa CWE-311
8.1
8.1
2019-03-05 CVE-2019-6561 Cross-Site Request Forgery (CSRF) vulnerability in Moxa products
Cross-site request forgery has been identified in Moxa IKS and EDS, which may allow for the execution of unauthorized actions on the device.
network
low complexity
moxa CWE-352
8.8
8.8
2018-10-19 CVE-2018-18396 Unspecified vulnerability in Moxa Thingspro 2.1
Remote Code Execution in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.
network
low complexity
moxa
7.5
7.5
2018-05-14 CVE-2017-14439 Improper Input Validation vulnerability in Moxa Edr-810 Firmware 4.1
Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-20
7.5
7.5
2018-05-14 CVE-2017-14438 Improper Input Validation vulnerability in Moxa Edr-810 Firmware 4.1
Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-20
7.5
7.5
2018-05-14 CVE-2017-14437 NULL Pointer Dereference vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-476
7.5
7.5
2018-05-14 CVE-2017-14436 NULL Pointer Dereference vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-476
7.5
7.5
2018-05-14 CVE-2017-14435 NULL Pointer Dereference vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-476
7.5
7.5
2018-05-14 CVE-2017-14434 OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-78
8.8
8.8