Vulnerabilities > Moxa > WDR 3124A US Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-09-07 CVE-2021-39278 Cross-site Scripting vulnerability in Moxa products
Certain MOXA devices allow reflected XSS via the Config Import menu.
network
low complexity
moxa CWE-79
6.1
2021-09-07 CVE-2021-39279 OS Command Injection vulnerability in Moxa products
Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP.
network
low complexity
moxa CWE-78
8.8