Vulnerabilities > Moxa > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-24 CVE-2023-4229 Improper Restriction of Rendered UI Layers or Frames vulnerability in Moxa Iologik E4200 Firmware 1.6
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, potentially exposing users to security risks.
network
low complexity
moxa CWE-1021
4.7
2023-08-24 CVE-2023-4230 Exposure of Resource to Wrong Sphere vulnerability in Moxa Iologik E4200 Firmware 1.6
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which has the potential to facilitate the collection of information on ioLogik 4000 Series devices.
network
low complexity
moxa CWE-668
5.3
2023-08-24 CVE-2023-4227 Incorrect Authorization vulnerability in Moxa Iologik E4200 Firmware 1.6
A vulnerability has been identified in the ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to the product.
network
low complexity
moxa CWE-863
6.5
2023-07-05 CVE-2023-3336 Information Exposure Through Discrepancy vulnerability in Moxa Tn-5900 Firmware 3.1/3.2/3.3
TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability.
network
low complexity
moxa CWE-203
5.3
2023-03-07 CVE-2023-1257 Unspecified vulnerability in Moxa products
An attacker with physical access to the affected Moxa UC Series devices can initiate a restart of the device and gain access to its BIOS.
low complexity
moxa
6.8
2023-02-07 CVE-2022-40691 Unspecified vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware
An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1.
network
low complexity
moxa
5.3
2023-02-07 CVE-2022-41311 Cross-site Scripting vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1.
network
low complexity
moxa CWE-79
5.4
2023-02-07 CVE-2022-41312 Cross-site Scripting vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1.
network
low complexity
moxa CWE-79
5.4
2023-02-07 CVE-2022-41313 Cross-site Scripting vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1.
network
low complexity
moxa CWE-79
5.4
2021-09-07 CVE-2021-39278 Cross-site Scripting vulnerability in Moxa products
Certain MOXA devices allow reflected XSS via the Config Import menu.
network
low complexity
moxa CWE-79
6.1