Vulnerabilities > Moxa > High

DATE CVE VULNERABILITY TITLE RISK
2018-03-05 CVE-2018-5453 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Moxa products
An Improper Handling of Length Parameter Inconsistency issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior.
network
low complexity
moxa CWE-119
7.8
2018-01-18 CVE-2017-12729 SQL Injection vulnerability in Moxa Softcms LAB View
A SQL Injection issue was discovered in Moxa SoftCMS Live Viewer through 1.6.
network
low complexity
moxa CWE-89
7.5
2017-11-17 CVE-2017-13703 Improper Input Validation vulnerability in Moxa Eds-G512E Firmware 5.1
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices.
network
low complexity
moxa CWE-20
7.8
2017-05-29 CVE-2017-7915 Improper Restriction of Excessive Authentication Attempts vulnerability in Moxa products
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions, OnCell 5104-HSDPA, OnCell 5104-HSPA, and OnCell 5004-HSPA.
network
low complexity
moxa CWE-307
7.5
2017-04-13 CVE-2016-8726 NULL Pointer Dereference vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable null pointer dereference vulnerability exists in the Web Application /forms/web_runScript iw_filename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1.
network
low complexity
moxa CWE-476
7.5
2017-04-13 CVE-2016-8723 NULL Pointer Dereference vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1.
network
low complexity
moxa CWE-476
7.5
2017-04-13 CVE-2016-8712 Insufficient Session Expiration vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1.
network
high complexity
moxa CWE-613
8.1
2017-04-12 CVE-2016-8718 Cross-Site Request Forgery (CSRF) vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1.
network
low complexity
moxa CWE-352
8.8
2017-04-12 CVE-2016-8716 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1.
high complexity
moxa CWE-640
7.5
2017-02-13 CVE-2016-9367 Resource Exhaustion vulnerability in Moxa products
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4.
network
low complexity
moxa CWE-400
7.8