Vulnerabilities > Moxa > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-14 | CVE-2020-27184 | Cleartext Transmission of Sensitive Information vulnerability in Moxa products The NPort IA5000A Series devices use Telnet as one of the network device management services. | 5.9 |
2021-05-14 | CVE-2020-27149 | Unspecified vulnerability in Moxa products By exploiting a vulnerability in NPort IA5150A/IA5250A Series before version 1.5, a user with “Read Only” privilege level can send requests via the web console to have the device’s configuration changed. | 6.5 |
2020-12-23 | CVE-2020-25192 | Information Exposure vulnerability in Moxa Nport Iaw5000A-I/O Firmware The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows sensitive information to be displayed without proper authorization. | 5.3 |
2020-05-01 | CVE-2020-12117 | Missing Authentication for Critical Function vulnerability in Moxa Nport 5100A Firmware 1.5 Moxa Service in Moxa NPort 5150A firmware version 1.5 and earlier allows attackers to obtain sensitive configuration values via a crafted packet to UDP port 4800. | 5.3 |
2020-03-26 | CVE-2020-6999 | Classic Buffer Overflow vulnerability in Moxa Mds-G516E Firmware 5.2 In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some of the parameters in the setting pages do not ensure text is the correct size for its buffer. | 6.5 |
2020-03-11 | CVE-2019-9103 | Information Exposure vulnerability in Moxa products An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. | 5.3 |
2020-03-11 | CVE-2019-9097 | Unspecified vulnerability in Moxa products An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. | 5.3 |
2019-10-08 | CVE-2019-10963 | Unspecified vulnerability in Moxa Edr-810 Firmware Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated attacker to be able to retrieve some log files from the device, which may allow sensitive information disclosure. | 4.3 |
2019-06-07 | CVE-2018-10700 | Cross-site Scripting vulnerability in Moxa Awk-3121 Firmware 1.19 An issue was discovered on Moxa AWK-3121 1.19 devices. | 6.1 |
2019-06-07 | CVE-2018-10692 | Cross-site Scripting vulnerability in Moxa Awk-3121 Firmware 1.14 An issue was discovered on Moxa AWK-3121 1.14 devices. | 6.1 |