Vulnerabilities > Moxa > High

DATE CVE VULNERABILITY TITLE RISK
2019-10-08 CVE-2019-10969 Improper Input Validation vulnerability in Moxa Edr-810 Firmware
Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on the router, which may allow an attacker to perform remote code execution.
network
low complexity
moxa CWE-20
7.2
7.2
2019-07-03 CVE-2018-11424 Out-of-bounds Write vulnerability in Moxa products
There is Memory corruption in the web interface of Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11425.
network
low complexity
moxa CWE-787
7.5
7.5
2019-07-03 CVE-2018-11423 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Moxa products
There is Memory corruption in the web interface Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior, different vulnerability than CVE-2018-11420.
network
low complexity
moxa CWE-119
7.5
7.5
2019-07-03 CVE-2018-11427 Cross-Site Request Forgery (CSRF) vulnerability in Moxa products
CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device administrator.
network
low complexity
moxa CWE-352
8.8
8.8
2019-06-07 CVE-2018-10703 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Moxa Awk-3121 Firmware 1.14
An issue was discovered on Moxa AWK-3121 1.14 devices.
network
low complexity
moxa CWE-119
8.8
8.8
2019-06-07 CVE-2018-10702 OS Command Injection vulnerability in Moxa Awk-3121 Firmware 1.14
An issue was discovered on Moxa AWK-3121 1.14 devices.
network
low complexity
moxa CWE-78
8.8
8.8
2019-06-07 CVE-2018-10701 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Moxa Awk-3121 Firmware 1.14
An issue was discovered on Moxa AWK-3121 1.14 devices.
network
low complexity
moxa CWE-119
8.8
8.8
2019-06-07 CVE-2018-10699 OS Command Injection vulnerability in Moxa Awk-3121 Firmware 1.14
An issue was discovered on Moxa AWK-3121 1.14 devices.
network
low complexity
moxa CWE-78
8.8
8.8
2019-06-07 CVE-2018-10697 OS Command Injection vulnerability in Moxa Awk-3121 Firmware 1.14
An issue was discovered on Moxa AWK-3121 1.14 devices.
network
low complexity
moxa CWE-78
8.8
8.8
2019-06-07 CVE-2018-10696 Cross-Site Request Forgery (CSRF) vulnerability in Moxa Awk-3121 Firmware 1.14
An issue was discovered on Moxa AWK-3121 1.14 devices.
network
low complexity
moxa CWE-352
8.8
8.8