Vulnerabilities > Moxa > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-21 | CVE-2016-5819 | Cross-site Scripting vulnerability in Moxa products Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G3151/G3211/G3251 Series, editions prior to Version 1.7 allows a reflected cross-site scripting attack which may allow an attacker to execute arbitrary script code in the user’s browser within the trust relationship between their browser and the server. | 6.1 |
| 2019-03-05 | CVE-2019-6565 | Cross-site Scripting vulnerability in Moxa products Moxa IKS and EDS fails to properly validate user input, giving unauthenticated and authenticated attackers the ability to perform XSS attacks, which may be used to send a malicious script. | 6.1 |
| 2019-03-05 | CVE-2019-6559 | Resource Exhaustion vulnerability in Moxa products Moxa IKS and EDS allow remote authenticated users to cause a denial of service via a specially crafted packet, which may cause the switch to crash. | 6.5 |
| 2018-05-14 | CVE-2017-12127 | Insufficiently Protected Credentials vulnerability in Moxa Edr-810 Firmware 4.1 A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4.1 build 17030317. | 4.4 |
| 2018-05-14 | CVE-2017-12124 | NULL Pointer Dereference vulnerability in Moxa Edr-810 Firmware 4.1 An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. | 6.5 |
| 2018-03-05 | CVE-2018-5449 | NULL Pointer Dereference vulnerability in Moxa products A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. | 6.5 |
| 2017-11-17 | CVE-2017-13702 | Information Exposure vulnerability in Moxa Eds-G512E Firmware 5.1 An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. | 5.3 |
| 2017-11-17 | CVE-2017-13700 | Cross-site Scripting vulnerability in Moxa Eds-G512E Firmware 5.1 An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. | 4.8 |
| 2017-04-14 | CVE-2017-7457 | XXE vulnerability in Moxa Mx-Aopc Server 1.5 XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file disclosure. | 5.0 |
| 2017-04-13 | CVE-2016-8725 | Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1. | 5.3 |