Vulnerabilities > Moxa > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-03-21 CVE-2016-5819 Cross-site Scripting vulnerability in Moxa products
Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G3151/G3211/G3251 Series, editions prior to Version 1.7 allows a reflected cross-site scripting attack which may allow an attacker to execute arbitrary script code in the user’s browser within the trust relationship between their browser and the server.
network
low complexity
moxa CWE-79
6.1
2019-03-05 CVE-2019-6565 Cross-site Scripting vulnerability in Moxa products
Moxa IKS and EDS fails to properly validate user input, giving unauthenticated and authenticated attackers the ability to perform XSS attacks, which may be used to send a malicious script.
network
low complexity
moxa CWE-79
6.1
2019-03-05 CVE-2019-6559 Resource Exhaustion vulnerability in Moxa products
Moxa IKS and EDS allow remote authenticated users to cause a denial of service via a specially crafted packet, which may cause the switch to crash.
network
low complexity
moxa CWE-400
6.5
2018-05-14 CVE-2017-12127 Insufficiently Protected Credentials vulnerability in Moxa Edr-810 Firmware 4.1
A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4.1 build 17030317.
local
low complexity
moxa CWE-522
4.4
2018-05-14 CVE-2017-12124 NULL Pointer Dereference vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-476
6.5
2018-03-05 CVE-2018-5449 NULL Pointer Dereference vulnerability in Moxa products
A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior.
low complexity
moxa CWE-476
6.5
2017-11-17 CVE-2017-13702 Information Exposure vulnerability in Moxa Eds-G512E Firmware 5.1
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices.
network
low complexity
moxa CWE-200
5.3
2017-11-17 CVE-2017-13700 Cross-site Scripting vulnerability in Moxa Eds-G512E Firmware 5.1
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices.
network
low complexity
moxa CWE-79
4.8
2017-04-14 CVE-2017-7457 XXE vulnerability in Moxa Mx-Aopc Server 1.5
XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file disclosure.
local
low complexity
moxa CWE-611
5.0
2017-04-13 CVE-2016-8725 Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1
An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1.
network
low complexity
moxa CWE-200
5.3