Vulnerabilities > Moxa > High

DATE CVE VULNERABILITY TITLE RISK
2018-05-14 CVE-2017-14433 OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-78
8.8
8.8
2018-05-14 CVE-2017-14432 OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-78
8.8
8.8
2018-05-14 CVE-2017-12129 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable Weak Cryptography for Passwords vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
low complexity
moxa CWE-327
8.0
8.0
2018-05-14 CVE-2017-12128 Information Exposure vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-200
7.5
7.5
2018-05-14 CVE-2017-12126 Cross-Site Request Forgery (CSRF) vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable cross-site request forgery vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-352
8.8
8.8
2018-05-14 CVE-2017-12125 OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-78
8.8
8.8
2018-05-14 CVE-2017-12123 Insufficiently Protected Credentials vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable clear text transmission of password vulnerability exists in the web server and telnet functionality of Moxa EDR-810 V4.1 build 17030317.
low complexity
moxa CWE-522
8.8
8.8
2018-05-14 CVE-2017-12121 OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-78
8.8
8.8
2018-05-14 CVE-2017-12120 OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-78
8.8
8.8
2018-03-05 CVE-2018-5455 Improper Authentication vulnerability in Moxa products
A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior.
network
low complexity
moxa CWE-287
7.5
7.5