Vulnerabilities > Moxa > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-24 | CVE-2023-4229 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Moxa Iologik E4200 Firmware 1.6 A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, potentially exposing users to security risks. | 4.7 |
| 2023-08-24 | CVE-2023-4230 | Exposure of Resource to Wrong Sphere vulnerability in Moxa Iologik E4200 Firmware 1.6 A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which has the potential to facilitate the collection of information on ioLogik 4000 Series devices. | 5.3 |
| 2023-08-24 | CVE-2023-4227 | Incorrect Authorization vulnerability in Moxa Iologik E4200 Firmware 1.6 A vulnerability has been identified in the ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to the product. | 6.5 |
| 2023-07-05 | CVE-2023-3336 | Information Exposure Through Discrepancy vulnerability in Moxa Tn-5900 Firmware 3.1/3.2/3.3 TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability. | 5.3 |
| 2023-03-07 | CVE-2023-1257 | Unspecified vulnerability in Moxa products An attacker with physical access to the affected Moxa UC Series devices can initiate a restart of the device and gain access to its BIOS. low complexity moxa | 6.8 |
| 2023-02-07 | CVE-2022-40691 | Unspecified vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. | 5.3 |
| 2023-02-07 | CVE-2022-41311 | Cross-site Scripting vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. | 5.4 |
| 2023-02-07 | CVE-2022-41312 | Cross-site Scripting vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. | 5.4 |
| 2023-02-07 | CVE-2022-41313 | Cross-site Scripting vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. | 5.4 |
| 2021-09-07 | CVE-2021-39278 | Cross-site Scripting vulnerability in Moxa products Certain MOXA devices allow reflected XSS via the Config Import menu. | 6.1 |