Vulnerabilities > Moxa > High

DATE CVE VULNERABILITY TITLE RISK
2017-02-13 CVE-2016-9363 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Moxa products
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4.
network
low complexity
moxa CWE-119
7.5
2017-02-13 CVE-2016-9361 Improper Authentication vulnerability in Moxa products
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4.
network
low complexity
moxa CWE-287
7.5
2017-02-13 CVE-2016-9354 Resource Management Errors vulnerability in Moxa Dacenter
An issue was discovered in Moxa DACenter Versions 1.4 and older.
network
moxa CWE-399
7.1
2017-02-13 CVE-2016-9333 SQL Injection vulnerability in Moxa Softcms 1.2/1.3/1.4
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6.
network
low complexity
moxa CWE-89
7.5
2017-02-13 CVE-2016-9332 Resource Management Errors vulnerability in Moxa Softcms 1.2/1.3/1.4
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6.
network
low complexity
moxa CWE-399
7.8
2017-02-13 CVE-2016-8363 Permissions, Privileges, and Access Controls vulnerability in Moxa products
An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Series, TAP-6226 Series, AWK-3121/4121 Series, AWK-3131/4131 Series, and AWK-5222/6222 Series.
network
low complexity
moxa CWE-264
7.5
2016-09-24 CVE-2016-5793 Unquoted Search Path or Element vulnerability in Moxa Active OPC Server
Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory.
local
low complexity
moxa CWE-428
7.2
2016-08-08 CVE-2016-5792 SQL Injection vulnerability in Moxa Softcms 1.2/1.3/1.4
SQL injection vulnerability in Moxa SoftCMS before 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified fields.
network
low complexity
moxa CWE-89
7.5
2016-05-31 CVE-2016-0879 Information Exposure Through Log Files vulnerability in Moxa Edr-G903 Firmware
Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing the import function, which allows remote attackers to obtain sensitive information by requesting these files at an unspecified URL.
network
low complexity
moxa CWE-532
7.8
2016-05-31 CVE-2016-0878 Unspecified vulnerability in Moxa Edr-G903 Firmware
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to cause a denial of service (cold start) by sending two crafted ping requests.
network
low complexity
moxa
7.8