Vulnerabilities > Moxa > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-05-14 CVE-2020-27184 Cleartext Transmission of Sensitive Information vulnerability in Moxa products
The NPort IA5000A Series devices use Telnet as one of the network device management services.
network
high complexity
moxa CWE-319
5.9
2021-05-14 CVE-2020-27149 Unspecified vulnerability in Moxa products
By exploiting a vulnerability in NPort IA5150A/IA5250A Series before version 1.5, a user with “Read Only” privilege level can send requests via the web console to have the device’s configuration changed.
network
low complexity
moxa
6.5
2020-12-23 CVE-2020-25192 Information Exposure vulnerability in Moxa Nport Iaw5000A-I/O Firmware
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows sensitive information to be displayed without proper authorization.
network
low complexity
moxa CWE-200
5.3
2020-05-01 CVE-2020-12117 Missing Authentication for Critical Function vulnerability in Moxa Nport 5100A Firmware 1.5
Moxa Service in Moxa NPort 5150A firmware version 1.5 and earlier allows attackers to obtain sensitive configuration values via a crafted packet to UDP port 4800.
network
low complexity
moxa CWE-306
5.3
2020-03-26 CVE-2020-6999 Classic Buffer Overflow vulnerability in Moxa Mds-G516E Firmware 5.2
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some of the parameters in the setting pages do not ensure text is the correct size for its buffer.
network
low complexity
moxa CWE-120
6.5
2020-03-11 CVE-2019-9103 Information Exposure vulnerability in Moxa products
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1.
network
low complexity
moxa CWE-200
5.3
2020-03-11 CVE-2019-9097 Unspecified vulnerability in Moxa products
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1.
network
low complexity
moxa
5.3
2019-10-08 CVE-2019-10963 Unspecified vulnerability in Moxa Edr-810 Firmware
Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated attacker to be able to retrieve some log files from the device, which may allow sensitive information disclosure.
network
low complexity
moxa
4.3
2019-06-07 CVE-2018-10700 Cross-site Scripting vulnerability in Moxa Awk-3121 Firmware 1.19
An issue was discovered on Moxa AWK-3121 1.19 devices.
network
low complexity
moxa CWE-79
6.1
2019-06-07 CVE-2018-10692 Cross-site Scripting vulnerability in Moxa Awk-3121 Firmware 1.14
An issue was discovered on Moxa AWK-3121 1.14 devices.
network
low complexity
moxa CWE-79
6.1