Vulnerabilities > Moxa > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-31 | CVE-2023-6093 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Moxa Oncell G3150A-Lte Firmware A clickjacking vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. | 6.1 |
| 2023-12-31 | CVE-2023-6094 | Cleartext Transmission of Sensitive Information vulnerability in Moxa Oncell G3150A-Lte Firmware A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. | 5.3 |
| 2023-12-23 | CVE-2023-5962 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Moxa products A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. | 6.5 |
| 2023-11-02 | CVE-2023-4217 | Exposure of Resource to Wrong Sphere vulnerability in Moxa Eds-G503 Firmware A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. | 5.3 |
| 2023-11-02 | CVE-2023-5035 | Cleartext Transmission of Sensitive Information vulnerability in Moxa Eds-G503 Firmware A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the cookie to be transmitted in plaintext over an HTTP session. | 5.3 |
| 2023-09-02 | CVE-2023-39982 | Use of Hard-coded Credentials vulnerability in Moxa Mxsecurity 1.0/1.0.1 A vulnerability has been identified in MXsecurity versions prior to v1.0.1. | 5.9 |
| 2023-09-02 | CVE-2023-39983 | Improper Control of Dynamically-Managed Code Resources vulnerability in Moxa Mxsecurity 1.0/1.0.1 A vulnerability that poses a potential risk of polluting the MXsecurity sqlite database and the nsm-web UI has been identified in MXsecurity versions prior to v1.0.1. | 5.3 |
| 2023-08-24 | CVE-2023-4228 | Incorrect Permission Assignment for Critical Resource vulnerability in Moxa Iologik E4200 Firmware 1.6 A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, where the session cookies attribute is not set properly in the affected application. | 4.3 |
| 2023-08-24 | CVE-2023-4229 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Moxa Iologik E4200 Firmware 1.6 A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, potentially exposing users to security risks. | 4.7 |
| 2023-08-24 | CVE-2023-4230 | Exposure of Resource to Wrong Sphere vulnerability in Moxa Iologik E4200 Firmware 1.6 A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which has the potential to facilitate the collection of information on ioLogik 4000 Series devices. | 5.3 |