MidnightBSD

Advisories for moxa

CVE-2010-4741 HIGH

Stack-based buffer overflow in MDMUtil.dll in MDMTool.exe in MDM Tool before 2.3 in Moxa Device Manager allows remote MDM Gateways to execute arbitrary code via crafted data in a session on TCP port 54321.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
moxa mdm_tool *
moxa device_manager *
CVE-2010-4742 HIGH

Stack-based buffer overflow in a certain ActiveX control in MediaDBPlayback.DLL 2.2.0.5 in the Moxa ActiveX SDK allows remote attackers to execute arbitrary code via a long PlayFileName property value.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
moxa activex_sdk *
CVE-2015-0986 HIGH

Multiple stack-based buffer overflows in Moxa VPort ActiveX SDK Plus before 2.8 allow remote attackers to insert assembly-code lines via vectors involving a regkey (1) set or (2) get command.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
moxa vport_activex_sdk_plus *
CVE-2015-1000 MEDIUM

Stack-based buffer overflow in the OpenForIPCamTest method in the RTSPVIDEO.rtspvideoCtrl.1 (aka SStreamVideo) ActiveX control in Moxa SoftCMS before 1.3 allows remote attackers to execute arbitrary code via the StrRtspPath parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
moxa softcms *
CVE-2015-6457 MEDIUM

Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-122,CWE-119,

Products Affected

Vendor Product Version
moxa softcms *
CVE-2015-6458 MEDIUM

Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,CWE-119,

Products Affected

Vendor Product Version
moxa softcms *
CVE-2015-6464 HIGH

The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to bypass a read-only protection mechanism by using Firefox with a web-developer plugin.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
moxa eds-405a_firmware *
moxa eds-408a_firmware *
CVE-2015-6465 MEDIUM

The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to cause a denial of service (reboot) via a crafted URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
moxa eds-405a_firmware *
moxa eds-408a_firmware *
CVE-2015-6466 MEDIUM

Cross-site scripting (XSS) vulnerability in the Diagnosis Ping feature in the administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote attackers to inject arbitrary web script or HTML via an unspecified field.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
moxa eds-405a_firmware *
moxa eds-408a_firmware *
CVE-2015-6480 HIGH

The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require authentication, which allows remote attackers to obtain administrative access via a command, as demonstrated by the addUserAndGroup action.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
moxa oncell_central_manager *
CVE-2015-6481 HIGH

The login function in the RequestController class in Moxa OnCell Central Manager before 2.2 has a hardcoded root password, which allows remote attackers to obtain administrative access via a login session.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
moxa oncell_central_manager *
CVE-2016-0875 MEDIUM

Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a crafted URL.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-532,

Products Affected

Vendor Product Version
moxa edr-g903_firmware *
CVE-2016-0876 MEDIUM

Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-312,

Products Affected

Vendor Product Version
moxa edr-g903_firmware *
CVE-2016-0877 HIGH

Memory leak on Moxa Secure Router EDR-G903 devices before 3.4.12 allows remote attackers to cause a denial of service (memory consumption) by executing the ping function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: HIGH

Problem Type: CWE-772,

Products Affected

Vendor Product Version
moxa edr-g903_firmware *
CVE-2016-0878 HIGH

Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to cause a denial of service (cold start) by sending two crafted ping requests.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
moxa edr-g903_firmware *
CVE-2016-0879 HIGH

Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing the import function, which allows remote attackers to obtain sensitive information by requesting these files at an unspecified URL.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: HIGH

Problem Type: CWE-532,

Products Affected

Vendor Product Version
moxa edr-g903_firmware *
CVE-2016-2282 MEDIUM

Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utility before 3.18 do not properly encrypt credentials, which makes it easier for remote attackers to obtain the associated cleartext via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-255,

Products Affected

Vendor Product Version
moxa iologik_firmware *
moxa ioadmin_firmware *
CVE-2016-2283 MEDIUM

Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utility before 3.18 do not properly encrypt data, which makes it easier for remote attackers to obtain the associated cleartext via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-255,

Products Affected

Vendor Product Version
moxa iologik_firmware *
moxa ioadmin_firmware *
CVE-2016-2285 MEDIUM

Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allows remote attackers to hijack the authentication of arbitrary users.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
moxa miineport_e1_7080_firmware 1.1.10
moxa miineport_e3_firmware 1.0
moxa miineport_e2_1242_firmware 1.1
moxa miineport_e1_4641_firmware 1.1.10
moxa miineport_e2_4561_firmware 1.1
CVE-2016-2286 MEDIUM

Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 have a blank default password, which allows remote attackers to obtain access via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
moxa miineport_e1_7080_firmware 1.1.10
moxa miineport_e3_firmware 1.0
moxa miineport_e2_1242_firmware 1.1
moxa miineport_e1_4641_firmware 1.1.10
moxa miineport_e2_4561_firmware 1.1
CVE-2016-2295 MEDIUM

Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allow remote attackers to obtain sensitive cleartext information by reading a configuration file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
moxa miineport_e1_7080_firmware 1.1.10
moxa miineport_e3_firmware 1.0
moxa miineport_e2_1242_firmware 1.1
moxa miineport_e1_4641_firmware 1.1.10
moxa miineport_e2_4561_firmware 1.1
CVE-2016-4500 MEDIUM

Moxa UC-7408 LX-Plus devices allow remote authenticated users to write to the firmware, and consequently render a device unusable, by leveraging root access.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
moxa uc-7408_lx-plus -
moxa uc-7408_lx-plus_firmware -
CVE-2016-4503 MEDIUM

Moxa Device Server Web Console 5232-N allows remote attackers to bypass authentication, and consequently modify settings and data, via vectors related to reading a cookie parameter containing a UserId value.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
moxa device_server_web_console_5232-n_firmware -
CVE-2016-4514 MEDIUM

Moxa PT-7728 devices with software 3.4 build 15081113 allow remote authenticated users to change the configuration via vectors involving a local proxy.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.7 HIGH CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L 1.8 5.3

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863,

Products Affected

Vendor Product Version
moxa pt-7728 -
moxa pt-7728_firmware 3.4
CVE-2016-5792 HIGH

SQL injection vulnerability in Moxa SoftCMS before 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified fields.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
moxa softcms *
CVE-2016-5793 HIGH

Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-428,

Products Affected

Vendor Product Version
moxa active_opc_server *
CVE-2016-5799 HIGH

Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do not properly restrict authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-285,

Products Affected

Vendor Product Version
moxa oncell_g3100v2_firmware *
moxa oncell_g3001_firmware *
CVE-2016-5804 MEDIUM

Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-326,

Products Affected

Vendor Product Version
moxa mgate_mb3180_firmware *
moxa mgate_mb3270_firmware *
moxa mgate_mb3280_firmware *
moxa mgate_mb3480_firmware *
moxa mgate_mb3170_firmware *
CVE-2016-5812 LOW

Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use cleartext password storage, which makes it easier for local users to obtain sensitive information by reading a configuration file.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
moxa oncell_g3100v2_firmware *
moxa oncell_g3001_firmware *
CVE-2016-5819 MEDIUM

Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G3151/G3211/G3251 Series, editions prior to Version 1.7 allows a reflected cross-site scripting attack which may allow an attacker to execute arbitrary script code in the user’s browser within the trust relationship between their browser and the server.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
moxa oncell_g3211_firmware *
moxa oncell_g3100v2_firmware *
moxa oncell_g3111_firmware *
moxa oncell_g3251_firmware *
moxa oncell_g3151_firmware *
CVE-2016-8346 MEDIUM

An issue was discovered in Moxa EDR-810 Industrial Secure Router. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access configuration and log files (PRIVILEGE ESCALATION).

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-532,

Products Affected

Vendor Product Version
moxa edr-810_firmware *
CVE-2016-8350 MEDIUM

An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application may not sufficiently verify whether a request was provided by a valid user (CROSS-SITE REQUEST FORGERY).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L 2.8 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
moxa iologik_e1200_series_firmware *
moxa iologik_e2200_series_firmware *
CVE-2016-8359 MEDIUM

An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application fails to sanitize user input, which may allow an attacker to inject script or execute arbitrary code (CROSS-SITE SCRIPTING).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
moxa iologik_e1200_series_firmware *
moxa iologik_e2200_series_firmware *
CVE-2016-8360 MEDIUM

An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. A specially crafted URL request sent to the SoftCMS ASP Webserver can cause a double free condition on the server allowing an attacker to modify memory locations and possibly cause a denial of service or the execution of arbitrary code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-415,

Products Affected

Vendor Product Version
moxa softcms *
CVE-2016-8362 MEDIUM

An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Series, TAP-6226 Series, AWK-3121/4121 Series, AWK-3131/4131 Series, and AWK-5222/6222 Series. Any user is able to download log files by accessing a specific URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
moxa awk-4131a_firmware *
moxa awk-5232_firmware *
moxa awk-3131-m12-rcc_firmware *
moxa awk-1131a_firmware *
moxa awk-3121-m12-rtg_firmware *
moxa awk-1127_firmware *
moxa awk-3131a_firmware *
moxa awk-6232_firmware *
moxa awk-3191_firmware *
moxa wac-1001_v2_firmware *
moxa awk-1121_firmware *
moxa oncellg3470a-lte_firmware *
moxa wac-2004_firmware *
moxa awk-5232-m12-rcc_firmware *
CVE-2016-8363 HIGH

An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Series, TAP-6226 Series, AWK-3121/4121 Series, AWK-3131/4131 Series, and AWK-5222/6222 Series. User is able to execute arbitrary OS commands on the server.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
moxa awk-4131a_firmware *
moxa awk-5232_firmware *
moxa awk-3131-m12-rcc_firmware *
moxa awk-1131a_firmware *
moxa awk-3121-m12-rtg_firmware *
moxa awk-1127_firmware *
moxa awk-3131a_firmware *
moxa awk-6232_firmware *
moxa awk-3191_firmware *
moxa wac-1001_v2_firmware *
moxa awk-1121_firmware *
moxa oncellg3470a-lte_firmware *
moxa wac-2004_firmware *
moxa awk-5232-m12-rcc_firmware *
CVE-2016-8372 MEDIUM

An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. A password is transmitted in a format that is not sufficiently secure.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-255,

Products Affected

Vendor Product Version
moxa iologik_e1200_series_firmware *
moxa iologik_e2200_series_firmware *
CVE-2016-8379 MEDIUM

An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. Users are restricted to using short passwords.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
moxa iologik_e1200_series_firmware *
moxa iologik_e2200_series_firmware *
CVE-2016-8712 MEDIUM

An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-613,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.1
CVE-2016-8716 LOW

An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepting this traffic is able to obtain valid credentials.

CVSS 2.0

Severity: LOW

Problem Type: CWE-640,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.1
CVE-2016-8717 HIGH

An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged (root) account with hard-coded credentials, giving attackers full control of affected devices.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-798,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.1
CVE-2016-8718 MEDIUM

An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted form can trick a client into making an unintentional request to the web server which will be treated as an authentic request.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.1
CVE-2016-8719 MEDIUM

An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Specially crafted input, in multiple parameters, can cause a malicious scripts to be executed by a victim.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.1
CVE-2016-8720 MEDIUM

An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted HTTP request can inject a payload in the bkpath parameter which will be copied in to Location header of the HTTP response.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-74,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.1
CVE-2016-8721 HIGH

An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device. An attacker can exploit this vulnerability remotely.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.1
CVE-2016-8722 MEDIUM

An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. Retrieving a specific URL without authentication can reveal sensitive information to an attacker.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.1
CVE-2016-8723 HIGH

An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Any HTTP GET request not preceded by an '/' will cause a segmentation fault in the web server. An attacker can send any of a multitude of potentially unexpected HTTP get requests to trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.1
CVE-2016-8724 MEDIUM

An exploitable information disclosure vulnerability exists in the serviceAgent functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted TCP query will allow an attacker to retrieve potentially sensitive information.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.1
CVE-2016-8725 MEDIUM

An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1. Retrieving a specific URL without authentication can reveal sensitive information to an attacker.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.1
CVE-2016-8726 HIGH

An exploitable null pointer dereference vulnerability exists in the Web Application /forms/web_runScript iw_filename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. An HTTP POST request with a blank line in the header will cause a segmentation fault in the web server.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.1
CVE-2016-8727 MEDIUM

An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to an attacker.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.1
CVE-2016-9332 HIGH

An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. Moxa SoftCMS Webserver does not properly validate input. An attacker could provide unexpected values and cause the program to crash or excessive consumption of resources could result in a denial-of-service condition.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
moxa softcms *
CVE-2016-9333 HIGH

An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. The SoftCMS Application does not properly sanitize input that may allow a remote attacker access to SoftCMS with administrator's privilege through specially crafted input (SQL INJECTION).

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
moxa softcms *
CVE-2016-9344 MEDIUM

An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions prior to 1.1. An attacker may be able to brute force an active session cookie to be able to download configuration files.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-532,

Products Affected

Vendor Product Version
moxa miineport_e1_firmware *
moxa miineport_e3_firmware *
moxa miineport_e2_firmware *
CVE-2016-9346 MEDIUM

An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions prior to 1.1. Configuration data are stored in a file that is not encrypted.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
moxa miineport_e1_firmware *
moxa miineport_e3_firmware *
moxa miineport_e2_firmware *
CVE-2016-9348 LOW

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. A configuration file contains parameters that represent passwords in plaintext.

CVSS 2.0

Severity: LOW

Problem Type: CWE-255,

Products Affected

Vendor Product Version
moxa nport_6100_series_firmware *
moxa nport_5200_series_firmware *
moxa nport_5600_series_firmware *
moxa nport_5100_series_firmware *
moxa nport_p5150a_series_firmware *
moxa nport_5x50a1-m12_series_firmware *
moxa nport_5400_series_firmware *
moxa nport_5200a_series_firmware *
moxa nport_5600-8-dtl_series_firmware *
moxa nport_5100a_series_firmware *
CVE-2016-9354 HIGH

An issue was discovered in Moxa DACenter Versions 1.4 and older. A specially crafted project file may cause the program to crash because of Uncontrolled Resource Consumption.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
moxa dacenter *
CVE-2016-9356 MEDIUM

An issue was discovered in Moxa DACenter Versions 1.4 and older. The application may suffer from an unquoted search path issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
moxa dacenter *
CVE-2016-9361 HIGH

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. Administration passwords can be retried without authenticating.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
moxa nport_6100_series_firmware *
moxa nport_5200_series_firmware *
moxa nport_5600_series_firmware *
moxa nport_5100_series_firmware *
moxa nport_p5150a_series_firmware *
moxa nport_5x50a1-m12_series_firmware *
moxa nport_5400_series_firmware *
moxa nport_5200a_series_firmware *
moxa nport_5600-8-dtl_series_firmware *
moxa nport_5100a_series_firmware *
CVE-2016-9363 HIGH

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. Buffer overflow vulnerability may allow an unauthenticated attacker to remotely execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
moxa nport_6100_series_firmware *
moxa nport_5200_series_firmware *
moxa nport_5600_series_firmware *
moxa nport_5100_series_firmware *
moxa nport_p5150a_series_firmware *
moxa nport_5x50a1-m12_series_firmware *
moxa nport_5400_series_firmware *
moxa nport_5200a_series_firmware *
moxa nport_5600-8-dtl_series_firmware *
moxa nport_5100a_series_firmware *
CVE-2016-9365 MEDIUM

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. Requests are not verified to be intentionally submitted by the proper user (CROSS-SITE REQUEST FORGERY).

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
moxa nport_6100_series_firmware *
moxa nport_5200_series_firmware *
moxa nport_5600_series_firmware *
moxa nport_5100_series_firmware *
moxa nport_p5150a_series_firmware *
moxa nport_5x50a1-m12_series_firmware *
moxa nport_5400_series_firmware *
moxa nport_5200a_series_firmware *
moxa nport_5600-8-dtl_series_firmware *
moxa nport_5100a_series_firmware *
CVE-2016-9366 MEDIUM

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. An attacker can freely use brute force to determine parameters needed to bypass authentication.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
moxa nport_6100_series_firmware *
moxa nport_5200_series_firmware *
moxa nport_5600_series_firmware *
moxa nport_5100_series_firmware *
moxa nport_p5150a_series_firmware *
moxa nport_5x50a1-m12_series_firmware *
moxa nport_5400_series_firmware *
moxa nport_5200a_series_firmware *
moxa nport_5600-8-dtl_series_firmware *
moxa nport_5100a_series_firmware *
CVE-2016-9367 HIGH

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. The amount of resources requested by a malicious actor is not restricted, leading to a denial-of-service caused by resource exhaustion.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-400,

Products Affected

Vendor Product Version
moxa nport_6100_series_firmware *
moxa nport_5200_series_firmware *
moxa nport_5600_series_firmware *
moxa nport_5100_series_firmware *
moxa nport_p5150a_series_firmware *
moxa nport_5x50a1-m12_series_firmware *
moxa nport_5400_series_firmware *
moxa nport_5200a_series_firmware *
moxa nport_5600-8-dtl_series_firmware *
moxa nport_5100a_series_firmware *
CVE-2016-9369 HIGH

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. Firmware can be updated over the network without authentication, which may allow remote code execution.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
moxa nport_6100_series_firmware *
moxa nport_5200_series_firmware *
moxa nport_5600_series_firmware *
moxa nport_5100_series_firmware *
moxa nport_p5150a_series_firmware *
moxa nport_5x50a1-m12_series_firmware *
moxa nport_5400_series_firmware *
moxa nport_5200a_series_firmware *
moxa nport_5600-8-dtl_series_firmware *
moxa nport_5100a_series_firmware *
CVE-2016-9371 MEDIUM

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. User-controlled input is not neutralized before being output to web page (CROSS-SITE SCRIPTING).

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
moxa nport_6100_series_firmware *
moxa nport_5200_series_firmware *
moxa nport_5600_series_firmware *
moxa nport_5100_series_firmware *
moxa nport_p5150a_series_firmware *
moxa nport_5x50a1-m12_series_firmware *
moxa nport_5400_series_firmware *
moxa nport_5200a_series_firmware *
moxa nport_5600-8-dtl_series_firmware *
moxa nport_5100a_series_firmware *
CVE-2017-12120 HIGH

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation, resulting in a root shell. An attacker can inject OS commands into the ip= parm in the "/goform/net_WebPingGetValue" URI to trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.1
CVE-2017-12121 HIGH

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the rsakey\_name= parm in the "/goform/WebRSAKEYGen" uri to trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.1
CVE-2017-12123 LOW

An exploitable clear text transmission of password vulnerability exists in the web server and telnet functionality of Moxa EDR-810 V4.1 build 17030317. An attacker can look at network traffic to get the admin password for the device. The attacker can then use the credentials to login as admin.

CVSS 2.0

Severity: LOW

Problem Type: CWE-522,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.1
CVE-2017-12124 MEDIUM

An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in the web server crashing. An attacker can send a crafted URI to trigger this vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-476,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.1
CVE-2017-12125 HIGH

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the CN= parm in the "/goform/net_WebCSRGen" uri to trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.1
CVE-2017-12126 MEDIUM

An exploitable cross-site request forgery vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP packet can cause cross-site request forgery. An attacker can create malicious HTML to trigger this vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.1
CVE-2017-12127 LOW

A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4.1 build 17030317. An attacker with shell access could extract passwords in clear text from the device.

CVSS 2.0

Severity: LOW

Problem Type: CWE-522,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.1
CVE-2017-12128 MEDIUM

An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.1
CVE-2017-12129 LOW

An exploitable Weak Cryptography for Passwords vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. An attacker could intercept weakly encrypted passwords and could brute force them.

CVSS 2.0

Severity: LOW

Problem Type: CWE-327,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.1
CVE-2017-12729 HIGH

A SQL Injection issue was discovered in Moxa SoftCMS Live Viewer through 1.6. An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability has been identified. Attackers can exploit this vulnerability to access SoftCMS without knowing the user's password.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,CWE-89,

Products Affected

Vendor Product Version
moxa softcms_lab_view *
CVE-2017-13698 MEDIUM

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. An attacker could extract public and private keys from the firmware image available on the MOXA website and could use them against a production switch that has the default keys embedded.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
moxa eds-g512e_firmware 5.1
CVE-2017-13699 MEDIUM

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The password encryption method can be retrieved from the firmware. This encryption method is based on a chall value that is sent in cleartext as a POST parameter. An attacker could reverse the password encryption algorithm to retrieve it.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-326,

Products Affected

Vendor Product Version
moxa eds-g512e_firmware 5.1
CVE-2017-13700 LOW

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. There is XSS in the administration interface.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
moxa eds-g512e_firmware 5.1
CVE-2017-13701 MEDIUM

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains sensitive information in a insecure way. There is no salt for password hashing. Indeed passwords are stored without being ciphered with a timestamped ciphering method.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
moxa eds-g512e_firmware 5.1
CVE-2017-13702 MEDIUM

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. Cookies can be stolen, manipulated, and reused.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
moxa eds-g512e_firmware 5.1
CVE-2017-13703 HIGH

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. A denial of service may occur.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
moxa eds-g512e_firmware 5.1
CVE-2017-14028 MEDIUM

A Resource Exhaustion issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to exhaust memory resources by sending a large amount of TCP SYN packets.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,CWE-400,

Products Affected

Vendor Product Version
moxa nport_5110_firmware 2.6
moxa nport_5150_firmware *
moxa nport_5110_firmware 2.7
moxa nport_5110_firmware 2.4
moxa nport_5130_firmware *
moxa nport_5110_firmware 2.2
CVE-2017-14030 MEDIUM

An issue was discovered in Moxa MXview v2.8 and prior. The unquoted service path escalation vulnerability could allow an authorized user with file access to escalate privileges by inserting arbitrary code into the unquoted service path.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-428,CWE-428,

Products Affected

Vendor Product Version
moxa mxview *
CVE-2017-14432 HIGH

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the openvpnServer0_tmp= parameter in the "/goform/net\_Web\_get_value" uri to trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.1
CVE-2017-14433 HIGH

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the remoteNetwork0= parameter in the "/goform/net\_Web\_get_value" uri to trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.1
CVE-2017-14434 HIGH

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the remoteNetmask0= parameter in the "/goform/net\_Web\_get_value" uri to trigger this vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.1
CVE-2017-14435 MEDIUM

An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXA\_CFG.ini" without a cookie header to trigger this vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.1
CVE-2017-14436 MEDIUM

An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXA\_CFG2.ini" without a cookie header to trigger this vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.1
CVE-2017-14437 MEDIUM

An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXA\_LOG.ini" without a cookie header to trigger this vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.1
CVE-2017-14438 MEDIUM

Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4000/tcp to trigger this vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.1
CVE-2017-14439 MEDIUM

Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4001/tcp to trigger this vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.1
CVE-2017-14459 HIGH

An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 to 1.7 (current). An attacker can inject commands via the username parameter of several services (SSH, Telnet, console), resulting in remote, unauthenticated, root-level operating system command execution.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.7
moxa awk-3131a_firmware 1.5
moxa awk-3131a_firmware 1.4
moxa awk-3131a_firmware 1.6
CVE-2017-16715 MEDIUM

An Information Exposure issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to exploit a flaw in the handling of Ethernet frame padding that may allow for information exposure.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-200,

Products Affected

Vendor Product Version
moxa nport_5110_firmware 2.6
moxa nport_5150_firmware *
moxa nport_5110_firmware 2.7
moxa nport_5110_firmware 2.4
moxa nport_5130_firmware *
moxa nport_5110_firmware 2.2
CVE-2017-16719 MEDIUM

An Injection issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to inject packets that could potentially disrupt the availability of the device.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-74,CWE-74,

Products Affected

Vendor Product Version
moxa nport_5110_firmware 2.6
moxa nport_5150_firmware *
moxa nport_5110_firmware 2.7
moxa nport_5110_firmware 2.4
moxa nport_5130_firmware *
moxa nport_5110_firmware 2.2
CVE-2017-16727 MEDIUM

A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and NPort W2250A versions prior to 1.11. The default password is empty on the device. An unauthorized user can access the device without a password. An unauthorized user has the ability to completely compromise the confidentiality and integrity of the wireless traffic.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-255,CWE-521,

Products Affected

Vendor Product Version
moxa nport_w2250a_firmware *
moxa nport_w2150a_firmware *
CVE-2017-5170 MEDIUM

An Uncontrolled Search Path Element issue was discovered in Moxa SoftNVR-IA Live Viewer, Version 3.30.3122 and prior versions. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. To exploit this vulnerability, an attacker could rename a malicious DLL to meet the criteria of the application, and the application would not verify that the DLL is correct. The attacker needs to have administrative access to the default install location in order to plant the insecure DLL. Once loaded by the application, the DLL could run malicious code at the privilege level of the application.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-427,CWE-427,

Products Affected

Vendor Product Version
moxa softnvr-ia_live_view *
CVE-2017-7455 MEDIUM

Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
moxa mxview 2.8
CVE-2017-7456 MEDIUM

Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
moxa mxview 2.8
CVE-2017-7457 LOW

XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file disclosure.

CVSS 2.0

Severity: LOW

Problem Type: CWE-611,

Products Affected

Vendor Product Version
moxa mx-aopc_server 1.5
CVE-2017-7913 MEDIUM

A Plaintext Storage of a Password issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions, OnCell 5104-HSDPA, OnCell 5104-HSPA, and OnCell 5004-HSPA. The application's configuration file contains parameters that represent passwords in plaintext.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-256,CWE-522,

Products Affected

Vendor Product Version
moxa oncell_g3150-hsdpa_firmware *
moxa oncell_5104-hspa_firmware *
moxa oncell_g3110-hsdpa_firmware *
moxa oncell_5004-hspa_firmware *
moxa oncell_5104-hsdpa_firmware *
moxa oncell_g3110-hspa_firmware *
CVE-2017-7915 HIGH

An Improper Restriction of Excessive Authentication Attempts issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions, OnCell 5104-HSDPA, OnCell 5104-HSPA, and OnCell 5004-HSPA. An attacker can freely use brute force to determine parameters needed to bypass authentication.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-307,CWE-307,

Products Affected

Vendor Product Version
moxa oncell_g3150-hsdpa_firmware *
moxa oncell_5104-hspa_firmware *
moxa oncell_g3110-hsdpa_firmware *
moxa oncell_5004-hspa_firmware *
moxa oncell_5104-hsdpa_firmware *
moxa oncell_g3110-hspa_firmware *
CVE-2017-7917 MEDIUM

A Cross-Site Request Forgery issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions, OnCell 5104-HSDPA, OnCell 5104-HSPA, and OnCell 5004-HSPA. The application does not sufficiently verify if a request was intentionally provided by the user who submitted the request, which could allow an attacker to modify the configuration of the device.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,CWE-352,

Products Affected

Vendor Product Version
moxa oncell_g3150-hsdpa_firmware *
moxa oncell_5104-hspa_firmware *
moxa oncell_g3110-hsdpa_firmware *
moxa oncell_5004-hspa_firmware *
moxa oncell_5104-hsdpa_firmware *
moxa oncell_g3110-hspa_firmware *
CVE-2018-10632 MEDIUM

In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and prior, the amount of resources requested by a malicious actor are not restricted, allowing for a denial-of-service condition.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,CWE-400,

Products Affected

Vendor Product Version
moxa nport_5232_firmware 2.9
moxa nport_5210_firmware 2.9
moxa nport_5230_firmware 2.9
CVE-2018-10690 MEDIUM

An issue was discovered on Moxa AWK-3121 1.14 devices. The device by default allows HTTP traffic thus providing an insecure communication mechanism for a user connecting to the web server. This allows an attacker to sniff the traffic easily and allows an attacker to compromise sensitive data such as credentials.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-311,

Products Affected

Vendor Product Version
moxa awk-3121_firmware 1.14
CVE-2018-10691 MEDIUM

An issue was discovered on Moxa AWK-3121 1.14 devices. It is intended that an administrator can download /systemlog.log (the system log). However, the same functionality allows an attacker to download the file without any authentication or authorization.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
moxa awk-3121_firmware 1.14
CVE-2018-10692 MEDIUM

An issue was discovered on Moxa AWK-3121 1.14 devices. The session cookie "Password508" does not have an HttpOnly flag. This allows an attacker who is able to execute a cross-site scripting attack to steal the cookie very easily.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
moxa awk-3121_firmware 1.14
CVE-2018-10693 MEDIUM

An issue was discovered on Moxa AWK-3121 1.14 devices. It provides ping functionality so that an administrator can execute ICMP calls to check if the network is working correctly. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "srvName" is susceptible to a buffer overflow. By crafting a packet that contains a string of 516 characters, it is possible for an attacker to execute the attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
moxa awk-3121_firmware 1.14
CVE-2018-10694 MEDIUM

An issue was discovered on Moxa AWK-3121 1.14 devices. The device provides a Wi-Fi connection that is open and does not use any encryption mechanism by default. An administrator who uses the open wireless connection to set up the device can allow an attacker to sniff the traffic passing between the user's computer and the device. This can allow an attacker to steal the credentials passing over the HTTP connection as well as TELNET traffic. Also an attacker can MITM the response and infect a user's computer very easily as well.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-311,

Products Affected

Vendor Product Version
moxa awk-3121_firmware 1.14
CVE-2018-10695 MEDIUM

An issue was discovered on Moxa AWK-3121 1.14 devices. It provides alert functionality so that an administrator can send emails to his/her account when there are changes to the device's network. However, the same functionality allows an attacker to execute commands on the device. The POST parameters "to1,to2,to3,to4" are all susceptible to buffer overflow. By crafting a packet that contains a string of 678 characters, it is possible for an attacker to execute the attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
moxa awk-3121_firmware 1.14
CVE-2018-10696 MEDIUM

An issue was discovered on Moxa AWK-3121 1.14 devices. The device provides a web interface to allow an administrator to manage the device. However, this interface is not protected against CSRF attacks, which allows an attacker to trick an administrator into executing actions without his/her knowledge, as demonstrated by the forms/iw_webSetParameters and forms/webSetMainRestart URIs.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
moxa awk-3121_firmware 1.14
CVE-2018-10697 HIGH

An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides ping functionality so that an administrator can execute ICMP calls to check if the network is working correctly. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "srvName" is susceptible to this injection. By crafting a packet that contains shell metacharacters, it is possible for an attacker to execute the attack.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
moxa awk-3121_firmware 1.14
CVE-2018-10698 HIGH

An issue was discovered on Moxa AWK-3121 1.14 devices. The device enables an unencrypted TELNET service by default. This allows an attacker who has been able to gain an MITM position to easily sniff the traffic between the device and the user. Also an attacker can easily connect to the TELNET daemon using the default credentials if they have not been changed by the user.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-311,

Products Affected

Vendor Product Version
moxa awk-3121_firmware 1.14
CVE-2018-10699 MEDIUM

An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides certfile upload functionality so that an administrator can upload a certificate file used for connecting to the wireless network. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "iw_privatePass" is susceptible to this injection. By crafting a packet that contains shell metacharacters, it is possible for an attacker to execute the attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-78,

Products Affected

Vendor Product Version
moxa awk-3121_firmware 1.14
CVE-2018-10700 MEDIUM

An issue was discovered on Moxa AWK-3121 1.19 devices. It provides functionality so that an administrator can change the name of the device. However, the same functionality allows an attacker to execute XSS by injecting an XSS payload. The POST parameter "iw_board_deviceName" is susceptible to this injection.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
moxa awk-3121_firmware 1.19
CVE-2018-10701 MEDIUM

An issue was discovered on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "iw_filename" is susceptible to buffer overflow. By crafting a packet that contains a string of 162 characters, it is possible for an attacker to execute the attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
moxa awk-3121_firmware 1.14
CVE-2018-10702 MEDIUM

An issue was discovered on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "iw_filename" is susceptible to command injection via shell metacharacters.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-78,

Products Affected

Vendor Product Version
moxa awk-3121_firmware 1.14
CVE-2018-10703 MEDIUM

An issue was discovered on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "iw_serverip" is susceptible to buffer overflow. By crafting a packet that contains a string of 480 characters, it is possible for an attacker to execute the attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
moxa awk-3121_firmware 1.14
CVE-2018-11420 HIGH

There is Memory corruption in the web interface of Moxa OnCell G3100-HSPA Series version 1.5 Build 17042015 and prio,r a different vulnerability than CVE-2018-11423.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
moxa oncell_g3150-hspa-t_firmware *
moxa oncell_g3150-hspa_firmware *
CVE-2018-11421 MEDIUM

Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary monitoring protocol that does not provide confidentiality, integrity, and authenticity security controls. All information is sent in plain text, and can be intercepted and modified. The protocol is vulnerable to remote unauthenticated disclosure of sensitive information, including the administrator's password. Under certain conditions, it's also possible to retrieve additional information, such as content of HTTP requests to the device, or the previously used password, due to memory leakages.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,

Products Affected

Vendor Product Version
moxa oncell_g3150-hspa-t_firmware *
moxa oncell_g3150-hspa_firmware *
CVE-2018-11422 HIGH

Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary configuration protocol that does not provide confidentiality, integrity, and authenticity security controls. All information is sent in plain text, and can be intercepted and modified. Any commands (including device reboot, configuration download or upload, or firmware upgrade) are accepted and executed by the device without authentication.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-319,

Products Affected

Vendor Product Version
moxa oncell_g3150-hspa-t_firmware *
moxa oncell_g3150-hspa_firmware *
CVE-2018-11423 HIGH

There is Memory corruption in the web interface Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior, different vulnerability than CVE-2018-11420.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
moxa oncell_g3150-hspa-t_firmware *
moxa oncell_g3150-hspa_firmware *
CVE-2018-11424 HIGH

There is Memory corruption in the web interface of Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11425.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
moxa oncell_g3470a-lte-eu_firmware *
moxa oncell_g3470a-lte-us-t_firmware *
moxa oncell_g3470a-lte-us_firmware *
moxa oncell_g3470a-lte-eu-t_firmware *
CVE-2018-11425 HIGH

Memory corruption issue was discovered in Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11424.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
moxa oncell_g3470a-lte-eu_firmware *
moxa oncell_g3470a-lte-us-t_firmware *
moxa oncell_g3470a-lte-us_firmware *
moxa oncell_g3470a-lte-eu-t_firmware *
CVE-2018-11426 HIGH

A weak Cookie parameter is used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker can brute force parameters required to bypass authentication and access the web interface to use all its functions except for password change.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
moxa oncell_g3150-hspa-t_firmware *
moxa oncell_g3150-hspa_firmware *
CVE-2018-11427 MEDIUM

CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device administrator.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
moxa oncell_g3150-hspa-t_firmware *
moxa oncell_g3150-hspa_firmware *
CVE-2018-16282 HIGH

A command injection vulnerability in the web server functionality of Moxa EDR-810 V4.2 build 18041013 allows remote attackers to execute arbitrary OS commands with root privilege via the caname parameter to the /xml/net_WebCADELETEGetValue URI.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
moxa edr-810_firmware 4.2
CVE-2018-18390 MEDIUM

User Enumeration in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
moxa thingspro 2.1
CVE-2018-18391 MEDIUM

User Privilege Escalation in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
moxa thingspro 2.1
CVE-2018-18392 MEDIUM

Privilege Escalation via Broken Access Control in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
moxa thingspro 2.1
CVE-2018-18393 MEDIUM

Password Management Issue in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
moxa thingspro 2.1
CVE-2018-18394 MEDIUM

Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-312,

Products Affected

Vendor Product Version
moxa thingspro 2.1
CVE-2018-18395 HIGH

Hidden Token Access in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
moxa thingspro 2.1
CVE-2018-18396 HIGH

Remote Code Execution in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
moxa thingspro 2.1
CVE-2018-19659 HIGH

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. A specially crafted HTTP POST request to /goform/net_WebPingGetValue can result in running OS commands as the root user. This is similar to CVE-2017-12120.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
moxa nport_w2x50a_firmware *
CVE-2018-19660 HIGH

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. A specially crafted HTTP POST request to /goform/webSettingProfileSecurity can result in running OS commands as the root user.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
moxa nport_w2x50a_firmware *
CVE-2018-5449 LOW

A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application does not check for a NULL value, allowing for an attacker to perform a denial of service attack.

CVSS 2.0

Severity: LOW

Problem Type: CWE-476,CWE-476,

Products Affected

Vendor Product Version
moxa oncell_g3110-hspa-t_firmware *
moxa oncell_g3150-hspa-t_firmware *
moxa oncell_g3150-hspa_firmware *
moxa oncell_g3110-hspa_firmware *
CVE-2018-5453 HIGH

An Improper Handling of Length Parameter Inconsistency issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker may be able to edit the element of an HTTP request, causing the device to become unavailable.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-130,CWE-119,

Products Affected

Vendor Product Version
moxa oncell_g3110-hspa-t_firmware *
moxa oncell_g3150-hspa-t_firmware *
moxa oncell_g3150-hspa_firmware *
moxa oncell_g3110-hspa_firmware *
CVE-2018-5455 HIGH

A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application allows a cookie parameter to consist of only digits, allowing an attacker to perform a brute force attack bypassing authentication and gaining access to device functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-565,CWE-287,

Products Affected

Vendor Product Version
moxa oncell_g3110-hspa-t_firmware *
moxa oncell_g3150-hspa-t_firmware *
moxa oncell_g3150-hspa_firmware *
moxa oncell_g3110-hspa_firmware *
CVE-2018-7506 MEDIUM

The private key of the web server in Moxa MXview versions 2.8 and prior is able to be read and accessed via an HTTP GET request, which may allow a remote attacker to decrypt encrypted information.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
moxa mxview *
CVE-2019-10963 MEDIUM

Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated attacker to be able to retrieve some log files from the device, which may allow sensitive information disclosure. Log files must have previously been exported by a legitimate user.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-321,NVD-CWE-Other,

Products Affected

Vendor Product Version
moxa edr-810_firmware *
CVE-2019-10969 MEDIUM

Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on the router, which may allow an attacker to perform remote code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-20,

Products Affected

Vendor Product Version
moxa edr-810_firmware *
CVE-2019-18238 MEDIUM

In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-312,CWE-312,

Products Affected

Vendor Product Version
moxa iologik_2512-wl1-jp-t_firmware *
moxa iologik_2542-wl1-eu-t_firmware *
moxa iologik_2542-wl1-jp_firmware *
moxa iologik_2542-wl1-jp-t_firmware *
moxa iologik_2512-wl1-jp_firmware *
moxa iologik_2542-t_firmware *
moxa iologik_2512-t_firmware *
moxa iologik_2512-hspa-t_firmware *
moxa iologik_2512-wl1-eu_firmware *
moxa iologik_2542-wl1-eu_firmware *
moxa iologik_2512-wl1-us-t_firmware *
moxa iologik_2512-hspa_firmware *
moxa iologik_2512-wl1-us_firmware *
moxa iologik_2512_firmware *
moxa iologik_2542_firmware *
moxa iologik_2542-wl1-us-t_firmware *
moxa iologik_2542-hspa_firmware *
moxa iologik_2542-wl1-us_firmware *
moxa iologik_2512-wl1-eu-t_firmware *
moxa iologik_2542-hspa-t_firmware *
CVE-2019-18242 MEDIUM

In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, frequent and multiple requests for short-term use may cause the web server to fail.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-941,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
moxa iologik_2512-wl1-jp-t_firmware *
moxa iologik_2542-wl1-eu-t_firmware *
moxa iologik_2542-wl1-jp_firmware *
moxa iologik_2542-wl1-jp-t_firmware *
moxa iologik_2512-wl1-jp_firmware *
moxa iologik_2542-t_firmware *
moxa iologik_2512-t_firmware *
moxa iologik_2512-hspa-t_firmware *
moxa iologik_2512-wl1-eu_firmware *
moxa iologik_2542-wl1-eu_firmware *
moxa iologik_2512-wl1-us-t_firmware *
moxa iologik_2512-hspa_firmware *
moxa iologik_2512-wl1-us_firmware *
moxa iologik_2512_firmware *
moxa iologik_2542_firmware *
moxa iologik_2542-wl1-us-t_firmware *
moxa iologik_2542-hspa_firmware *
moxa iologik_2542-wl1-us_firmware *
moxa iologik_2512-wl1-eu-t_firmware *
moxa iologik_2542-hspa-t_firmware *
CVE-2019-19707 HIGH

On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices (with firmware through 6.0), denial of service can occur via PROFINET DCE-RPC endpoint discovery packets.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
moxa eds-g508e_firmware *
moxa eds-g516e_firmware *
moxa eds-g512e_firmware *
CVE-2019-5136 HIGH

An exploitable privilege escalation vulnerability exists in the iw_console functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted menu selection string can cause an escape from the restricted console, resulting in system access as the root user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-284,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.13
CVE-2019-5137 MEDIUM

The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-321,CWE-798,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.13
CVE-2019-5138 HIGH

An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An attacker can send diagnostic while authenticated as a low privilege user to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,CWE-78,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.13
CVE-2019-5139 LOW

An exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities of the Moxa AWK-3131A firmware version 1.13. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N 1.8 5.2

CVSS 2.0

Severity: LOW

Problem Type: CWE-798,CWE-798,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.13
CVE-2019-5140 MEDIUM

An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file name can cause user input to be reflected in a subsequent iwsystem call, resulting in remote control over the device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-78,CWE-78,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.13
CVE-2019-5141 MEDIUM

An exploitable command injection vulnerability exists in the iw_webs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted iw_serverip parameter can cause user input to be reflected in a subsequent iw_system call, resulting in remote control over the device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-78,CWE-78,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.13
CVE-2019-5142 HIGH

An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send various authenticated requests to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,CWE-78,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.13
CVE-2019-5143 MEDIUM

An exploitable format string vulnerability exists in the iw_console conio_writestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,CWE-134,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.13
CVE-2019-5148 MEDIUM

An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can send this packet while unauthenticated to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-191,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.13
CVE-2019-5153 MEDIUM

An exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause an overflow of an error message buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-121,CWE-787,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.13
CVE-2019-5162 HIGH

An exploitable improper access control vulnerability exists in the iw_webs account settings functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as that user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-284,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.13
CVE-2019-5165 MEDIUM

An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device hostname can cause the device to interpret select remote traffic as local traffic, resulting in a bypass of web authentication. An attacker can send authenticated SNMP requests to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-288,CWE-287,

Products Affected

Vendor Product Version
moxa awk-3131a_firmware 1.13
CVE-2019-6518 MEDIUM

Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by someone with access to the device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-256,CWE-311,

Products Affected

Vendor Product Version
moxa eds-405a_firmware *
moxa iks-g6824a_firmware *
moxa eds-408a_firmware *
moxa eds-510a_firmware *
CVE-2019-6520 MEDIUM

Moxa IKS and EDS does not properly check authority on server side, which results in a read-only user being able to perform arbitrary configuration changes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
moxa eds-405a_firmware *
moxa iks-g6824a_firmware *
moxa eds-408a_firmware *
moxa eds-510a_firmware *
CVE-2019-6522 HIGH

Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device reboot.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
moxa eds-405a_firmware *
moxa iks-g6824a_firmware *
moxa eds-408a_firmware *
moxa eds-510a_firmware *
CVE-2019-6524 MEDIUM

Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to discover passwords via brute force attack.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-307,CWE-307,

Products Affected

Vendor Product Version
moxa eds-405a_firmware *
moxa iks-g6824a_firmware *
moxa eds-408a_firmware *
moxa eds-510a_firmware *
CVE-2019-6526 MEDIUM

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative password.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-311,CWE-319,

Products Affected

Vendor Product Version
moxa eds-405a_firmware *
moxa iks-g6824a_firmware *
moxa eds-408a_firmware *
moxa eds-510a_firmware *
CVE-2019-6557 HIGH

Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code execution.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,CWE-120,

Products Affected

Vendor Product Version
moxa eds-405a_firmware *
moxa iks-g6824a_firmware *
moxa eds-408a_firmware *
moxa eds-510a_firmware *
CVE-2019-6559 MEDIUM

Moxa IKS and EDS allow remote authenticated users to cause a denial of service via a specially crafted packet, which may cause the switch to crash.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,CWE-400,

Products Affected

Vendor Product Version
moxa eds-405a_firmware *
moxa iks-g6824a_firmware *
moxa eds-408a_firmware *
moxa eds-510a_firmware *
CVE-2019-6561 MEDIUM

Cross-site request forgery has been identified in Moxa IKS and EDS, which may allow for the execution of unauthorized actions on the device.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,CWE-352,

Products Affected

Vendor Product Version
moxa eds-405a_firmware *
moxa iks-g6824a_firmware *
moxa eds-408a_firmware *
moxa eds-510a_firmware *
CVE-2019-6563 HIGH

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-341,CWE-916,

Products Affected

Vendor Product Version
moxa eds-405a_firmware *
moxa iks-g6824a_firmware *
moxa eds-408a_firmware *
moxa eds-510a_firmware *
CVE-2019-6565 MEDIUM

Moxa IKS and EDS fails to properly validate user input, giving unauthenticated and authenticated attackers the ability to perform XSS attacks, which may be used to send a malicious script.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
moxa eds-405a_firmware *
moxa iks-g6824a_firmware *
moxa eds-408a_firmware *
moxa eds-510a_firmware *
CVE-2019-9095 MEDIUM

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An attacker may be able to intercept weakly encrypted passwords and gain administrative access.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-327,

Products Affected

Vendor Product Version
moxa mb3170_firmware *
moxa mb3180_firmware *
moxa mb3660_firmware *
moxa mb3480_firmware *
moxa mb3270_firmware *
moxa mb3280_firmware *
CVE-2019-9096 MEDIUM

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. Insufficient password requirements for the MGate web application may allow an attacker to gain access by brute-forcing account passwords.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-521,

Products Affected

Vendor Product Version
moxa mb3170_firmware *
moxa mb3180_firmware *
moxa mb3660_firmware *
moxa mb3480_firmware *
moxa mb3270_firmware *
moxa mb3280_firmware *
CVE-2019-9097 MEDIUM

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A high rate of transit traffic may cause a low-memory condition and a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
moxa mb3170_firmware *
moxa mb3180_firmware *
moxa mb3660_firmware *
moxa mb3480_firmware *
moxa mb3270_firmware *
moxa mb3280_firmware *
CVE-2019-9098 MEDIUM

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An Integer overflow in the built-in web server allows remote attackers to initiate DoS.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
moxa mb3170_firmware *
moxa mb3180_firmware *
moxa mb3660_firmware *
moxa mb3480_firmware *
moxa mb3270_firmware *
moxa mb3280_firmware *
CVE-2019-9099 HIGH

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A Buffer overflow in the built-in web server allows remote attackers to initiate DoS, and probably to execute arbitrary code (issue 1 of 2).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
moxa mb3170_firmware *
moxa mb3180_firmware *
moxa mb3660_firmware *
moxa mb3480_firmware *
moxa mb3270_firmware *
moxa mb3280_firmware *
CVE-2019-9101 MEDIUM

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. Sensitive information is sent to the web server in cleartext, which may allow an attacker to discover the credentials if they are able to observe traffic between the web browser and the server.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,

Products Affected

Vendor Product Version
moxa mb3170_firmware *
moxa mb3180_firmware *
moxa mb3660_firmware *
moxa mb3480_firmware *
moxa mb3270_firmware *
moxa mb3280_firmware *
CVE-2019-9102 MEDIUM

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A predictable mechanism of generating tokens allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-330,

Products Affected

Vendor Product Version
moxa mb3170_firmware *
moxa mb3180_firmware *
moxa mb3660_firmware *
moxa mb3480_firmware *
moxa mb3270_firmware *
moxa mb3280_firmware *
CVE-2019-9103 MEDIUM

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An attacker can access sensitive information (e.g., conduct username disclosure attacks) on the built-in WEB-service without authorization.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
moxa mb3170_firmware *
moxa mb3180_firmware *
moxa mb3660_firmware *
moxa mb3480_firmware *
moxa mb3270_firmware *
moxa mb3280_firmware *
CVE-2019-9104 MEDIUM

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. The application's configuration file contains parameters that represent passwords in cleartext.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-312,CWE-522,

Products Affected

Vendor Product Version
moxa mb3170_firmware *
moxa mb3180_firmware *
moxa mb3660_firmware *
moxa mb3480_firmware *
moxa mb3270_firmware *
moxa mb3280_firmware *
CVE-2020-12117 MEDIUM

Moxa Service in Moxa NPort 5150A firmware version 1.5 and earlier allows attackers to obtain sensitive configuration values via a crafted packet to UDP port 4800. NOTE: Moxa Service is an unauthenticated service that runs upon a first-time installation but can be disabled without ill effect.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-306,

Products Affected

Vendor Product Version
moxa nport_5100a_firmware *
CVE-2020-13536 HIGH

An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary. By default MXViewService, which starts as a NT SYSTEM authority user executes a series of Node.Js scripts to start additional application functionality.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-276,CWE-276,

Products Affected

Vendor Product Version
moxa mxview 3.1.8
CVE-2020-13537 HIGH

An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary.By default MXViewService, which starts as a NT SYSTEM authority user executes a series of Node.Js scripts to start additional application functionality and among them the mosquitto executable is also run.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-276,CWE-276,

Products Affected

Vendor Product Version
moxa mxview 3.1.8
CVE-2020-14511 HIGH

Malicious operation of the crafted web browser cookie may cause a stack-based buffer overflow in the system web server on the EDR-G902 and EDR-G903 Series Routers (versions prior to 5.4).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-121,CWE-787,

Products Affected

Vendor Product Version
moxa edr-g903_firmware *
moxa edr-g903-t_firmware *
moxa edr-g902_firmware *
moxa edr-g902-t_firmware *
CVE-2020-23639 HIGH

A command injection vulnerability exists in Moxa Inc VPort 461 Series Firmware Version 3.4 or lower that could allow a remote attacker to execute arbitrary commands in Moxa's VPort 461 Series Industrial Video Servers.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,

Products Affected

Vendor Product Version
moxa vport_461_firmware *
CVE-2020-25153 MEDIUM

The built-in web service for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower does not require users to have strong passwords.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
ics-cert@hq.dhs.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-521,CWE-521,

Products Affected

Vendor Product Version
moxa nport_iaw5000a-i/o_firmware *
CVE-2020-25190 MEDIUM

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower stores and transmits the credentials of third-party services in cleartext.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
ics-cert@hq.dhs.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,CWE-319,

Products Affected

Vendor Product Version
moxa nport_iaw5000a-i/o_firmware *
CVE-2020-25192 MEDIUM

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows sensitive information to be displayed without proper authorization.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
ics-cert@hq.dhs.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-200,

Products Affected

Vendor Product Version
moxa nport_iaw5000a-i/o_firmware *
CVE-2020-25194 MEDIUM

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has improper privilege management, which may allow an attacker with user privileges to perform requests with administrative privileges.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,CWE-269,

Products Affected

Vendor Product Version
moxa nport_iaw5000a-i/o_firmware *
CVE-2020-25196 MEDIUM

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows SSH/Telnet sessions, which may be vulnerable to brute force attacks to bypass authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
ics-cert@hq.dhs.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-307,CWE-307,

Products Affected

Vendor Product Version
moxa nport_iaw5000a-i/o_firmware *
CVE-2020-25198 MEDIUM

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has incorrectly implemented protections from session fixation, which may allow an attacker to gain access to a session and hijack it by stealing the user’s cookies.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-384,CWE-384,

Products Affected

Vendor Product Version
moxa nport_iaw5000a-i/o_firmware *
CVE-2020-27149 MEDIUM

By exploiting a vulnerability in NPort IA5150A/IA5250A Series before version 1.5, a user with “Read Only” privilege level can send requests via the web console to have the device’s configuration changed.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
moxa nport_ia5450a_firmware *
moxa nport_ia5250a_firmware *
moxa nport_ia5150a_firmware *
CVE-2020-27150 MEDIUM

In multiple versions of NPort IA5000A Series, the result of exporting a device’s configuration contains the passwords of all users on the system and other sensitive data in the original form if “Pre-shared key” doesn’t set.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
moxa nport_ia5450a_firmware *
moxa nport_ia5250a_firmware *
moxa nport_ia5150a_firmware *
CVE-2020-27184 MEDIUM

The NPort IA5000A Series devices use Telnet as one of the network device management services. Telnet does not support the encryption of client-server communications, making it vulnerable to Man-in-the-Middle attacks.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 2.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,

Products Affected

Vendor Product Version
moxa nport_ia5450a_firmware *
moxa nport_ia5250a_firmware *
moxa nport_ia5150a_firmware *
CVE-2020-27185 MEDIUM

Cleartext transmission of sensitive information via Moxa Service in NPort IA5000A series serial devices. Successfully exploiting the vulnerability could enable attackers to read authentication data, device configuration, and other sensitive data transmitted over Moxa Service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,

Products Affected

Vendor Product Version
moxa nport_ia5450a_firmware *
moxa nport_ia5250a_firmware *
moxa nport_ia5150a_firmware *
CVE-2020-28144 HIGH

Certain Moxa Inc products are affected by an improper restriction of operations in EDR-G903 Series Firmware Version 5.5 or lower, EDR-G902 Series Firmware Version 5.5 or lower, and EDR-810 Series Firmware Version 5.6 or lower. Crafted requests sent to the device may allow remote arbitrary code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
moxa edr-810-2gsfp_firmware *
moxa edr-g903_firmware *
moxa edr-810-vpn-2gsfp_firmware *
moxa edr-g903-t_firmware *
moxa edr-810-2gsfp-t_firmware *
moxa edr-g902_firmware *
moxa edr-810-vpn-2gsfp-t_firmware *
moxa edr-g902-t_firmware *
CVE-2020-6979 MEDIUM

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a hard-coded cryptographic key, increasing the possibility that confidential data can be recovered.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-321,CWE-798,

Products Affected

Vendor Product Version
moxa eds-510e_firmware *
moxa eds-g516e_firmware *
CVE-2020-6981 HIGH

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, an attacker may gain access to the system without proper authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-798,CWE-798,

Products Affected

Vendor Product Version
moxa eds-510e_firmware *
moxa eds-g516e_firmware *
CVE-2020-6983 MEDIUM

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a hard-coded cryptographic key, which increases the possibility that confidential data can be recovered.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-321,CWE-798,

Products Affected

Vendor Product Version
moxa pt-7828-r-48-48_firmware *
moxa pt-7528-8msc-16tx-4gsfp-wv-wv_firmware *
moxa pt-7828-r-48-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-hv-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-hv-hv_firmware *
moxa pt-7528-20mst-4tx-4gsfp-hv-hv_firmware *
moxa pt-7828-f-hv-hv_firmware *
moxa pt-7528-20mst-4tx-4gsfp-hv_firmware *
moxa pt-7828-r-hv-hv_firmware *
moxa pt-7828-r-24-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-wv-wv_firmware *
moxa pt-7528-24tx-wv-hv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-wv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-hv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-hv-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-wv_firmware *
moxa pt-7828-f-48-hv_firmware *
moxa pt-7528-8ssc-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-r-48_firmware *
moxa pt-7528-8mst-16tx-4gsfp-hv_firmware *
moxa pt-7528-24tx-wv_firmware *
moxa pt-7828-f-48_firmware *
moxa pt-7528-20mst-4tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-wv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-f-24-24_firmware *
moxa pt-7528-12msc-12tx-4gsfp-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-hv_firmware *
moxa pt-7828-r-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-wv-wv_firmware *
moxa pt-7828-f-24_firmware *
moxa pt-7528-20mst-4tx-4gsfp-wv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-hv-hv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-wv-wv_firmware *
moxa pt-7528-8msc-16tx-4gsfp-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-hv-hv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-wv-wv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-wv_firmware *
moxa pt-7828-f-48-48_firmware *
moxa pt-7528-8msc-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-r-24_firmware *
moxa pt-7528-24tx-hv-hv_firmware *
moxa pt-7528-8msc-16tx-4gsfp-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-wv_firmware *
moxa pt-7528-8ssc-16tx-4gsfp-wv-wv_firmware *
moxa pt-7828-f-24-hv_firmware *
moxa pt-7528-24tx-wv-wv_firmware *
moxa pt-7828-f-hv_firmware *
moxa pt-7528-24tx-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-wv_firmware *
moxa pt-7828-r-24-24_firmware *
CVE-2020-6985 HIGH

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, these devices use a hard-coded service code for access to the console.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-798,CWE-798,

Products Affected

Vendor Product Version
moxa pt-7828-r-48-48_firmware *
moxa pt-7528-8msc-16tx-4gsfp-wv-wv_firmware *
moxa pt-7828-r-48-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-hv-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-hv-hv_firmware *
moxa pt-7528-20mst-4tx-4gsfp-hv-hv_firmware *
moxa pt-7828-f-hv-hv_firmware *
moxa pt-7528-20mst-4tx-4gsfp-hv_firmware *
moxa pt-7828-r-hv-hv_firmware *
moxa pt-7828-r-24-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-wv-wv_firmware *
moxa pt-7528-24tx-wv-hv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-wv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-hv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-hv-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-wv_firmware *
moxa pt-7828-f-48-hv_firmware *
moxa pt-7528-8ssc-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-r-48_firmware *
moxa pt-7528-8mst-16tx-4gsfp-hv_firmware *
moxa pt-7528-24tx-wv_firmware *
moxa pt-7828-f-48_firmware *
moxa pt-7528-20mst-4tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-wv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-f-24-24_firmware *
moxa pt-7528-12msc-12tx-4gsfp-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-hv_firmware *
moxa pt-7828-r-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-wv-wv_firmware *
moxa pt-7828-f-24_firmware *
moxa pt-7528-20mst-4tx-4gsfp-wv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-hv-hv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-wv-wv_firmware *
moxa pt-7528-8msc-16tx-4gsfp-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-hv-hv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-wv-wv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-wv_firmware *
moxa pt-7828-f-48-48_firmware *
moxa pt-7528-8msc-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-r-24_firmware *
moxa pt-7528-24tx-hv-hv_firmware *
moxa pt-7528-8msc-16tx-4gsfp-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-wv_firmware *
moxa pt-7528-8ssc-16tx-4gsfp-wv-wv_firmware *
moxa pt-7828-f-24-hv_firmware *
moxa pt-7528-24tx-wv-wv_firmware *
moxa pt-7828-f-hv_firmware *
moxa pt-7528-24tx-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-wv_firmware *
moxa pt-7828-r-24-24_firmware *
CVE-2020-6987 MEDIUM

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-327,CWE-327,

Products Affected

Vendor Product Version
moxa pt-7828-r-48-48_firmware *
moxa pt-7528-8msc-16tx-4gsfp-wv-wv_firmware *
moxa pt-7828-r-48-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-hv-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-hv-hv_firmware *
moxa pt-7528-20mst-4tx-4gsfp-hv-hv_firmware *
moxa pt-7828-f-hv-hv_firmware *
moxa pt-7528-20mst-4tx-4gsfp-hv_firmware *
moxa pt-7828-r-hv-hv_firmware *
moxa pt-7828-r-24-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-wv-wv_firmware *
moxa pt-7528-24tx-wv-hv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-wv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-hv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-hv-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-wv_firmware *
moxa pt-7828-f-48-hv_firmware *
moxa pt-7528-8ssc-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-r-48_firmware *
moxa pt-7528-8mst-16tx-4gsfp-hv_firmware *
moxa pt-7528-24tx-wv_firmware *
moxa pt-7828-f-48_firmware *
moxa pt-7528-20mst-4tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-wv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-f-24-24_firmware *
moxa pt-7528-12msc-12tx-4gsfp-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-hv_firmware *
moxa pt-7828-r-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-wv-wv_firmware *
moxa pt-7828-f-24_firmware *
moxa pt-7528-20mst-4tx-4gsfp-wv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-hv-hv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-wv-wv_firmware *
moxa pt-7528-8msc-16tx-4gsfp-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-hv-hv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-wv-wv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-wv_firmware *
moxa pt-7828-f-48-48_firmware *
moxa pt-7528-8msc-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-r-24_firmware *
moxa pt-7528-24tx-hv-hv_firmware *
moxa pt-7528-8msc-16tx-4gsfp-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-wv_firmware *
moxa pt-7528-8ssc-16tx-4gsfp-wv-wv_firmware *
moxa pt-7828-f-24-hv_firmware *
moxa pt-7528-24tx-wv-wv_firmware *
moxa pt-7828-f-hv_firmware *
moxa pt-7528-24tx-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-wv_firmware *
moxa pt-7828-r-24-24_firmware *
CVE-2020-6989 HIGH

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, a buffer overflow in the web server allows remote attackers to cause a denial-of-service condition or execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-121,CWE-787,

Products Affected

Vendor Product Version
moxa pt-7828-r-48-48_firmware *
moxa pt-7528-8msc-16tx-4gsfp-wv-wv_firmware *
moxa pt-7828-r-48-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-hv-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-hv-hv_firmware *
moxa pt-7528-20mst-4tx-4gsfp-hv-hv_firmware *
moxa pt-7828-f-hv-hv_firmware *
moxa pt-7528-20mst-4tx-4gsfp-hv_firmware *
moxa pt-7828-r-hv-hv_firmware *
moxa pt-7828-r-24-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-wv-wv_firmware *
moxa pt-7528-24tx-wv-hv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-wv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-hv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-hv-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-wv_firmware *
moxa pt-7828-f-48-hv_firmware *
moxa pt-7528-8ssc-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-r-48_firmware *
moxa pt-7528-8mst-16tx-4gsfp-hv_firmware *
moxa pt-7528-24tx-wv_firmware *
moxa pt-7828-f-48_firmware *
moxa pt-7528-20mst-4tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-wv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-f-24-24_firmware *
moxa pt-7528-12msc-12tx-4gsfp-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-hv_firmware *
moxa pt-7828-r-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-wv-wv_firmware *
moxa pt-7828-f-24_firmware *
moxa pt-7528-20mst-4tx-4gsfp-wv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-hv-hv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-wv-wv_firmware *
moxa pt-7528-8msc-16tx-4gsfp-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-hv-hv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-wv-wv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-wv_firmware *
moxa pt-7828-f-48-48_firmware *
moxa pt-7528-8msc-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-r-24_firmware *
moxa pt-7528-24tx-hv-hv_firmware *
moxa pt-7528-8msc-16tx-4gsfp-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-wv_firmware *
moxa pt-7528-8ssc-16tx-4gsfp-wv-wv_firmware *
moxa pt-7828-f-24-hv_firmware *
moxa pt-7528-24tx-wv-wv_firmware *
moxa pt-7828-f-hv_firmware *
moxa pt-7528-24tx-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-wv_firmware *
moxa pt-7828-r-24-24_firmware *
CVE-2020-6991 MEDIUM

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak password requirements may allow an attacker to gain access using brute force.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-521,CWE-521,

Products Affected

Vendor Product Version
moxa eds-510e_firmware *
moxa eds-g516e_firmware *
CVE-2020-6993 MEDIUM

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, an attacker can gain access to sensitive information from the web service without authorization.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-200,

Products Affected

Vendor Product Version
moxa pt-7828-r-48-48_firmware *
moxa pt-7528-8msc-16tx-4gsfp-wv-wv_firmware *
moxa pt-7828-r-48-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-hv-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-hv-hv_firmware *
moxa pt-7528-20mst-4tx-4gsfp-hv-hv_firmware *
moxa pt-7828-f-hv-hv_firmware *
moxa pt-7528-20mst-4tx-4gsfp-hv_firmware *
moxa pt-7828-r-hv-hv_firmware *
moxa pt-7828-r-24-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-wv-wv_firmware *
moxa pt-7528-24tx-wv-hv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-wv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-hv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-hv-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-wv_firmware *
moxa pt-7828-f-48-hv_firmware *
moxa pt-7528-8ssc-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-r-48_firmware *
moxa pt-7528-8mst-16tx-4gsfp-hv_firmware *
moxa pt-7528-24tx-wv_firmware *
moxa pt-7828-f-48_firmware *
moxa pt-7528-20mst-4tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-wv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-f-24-24_firmware *
moxa pt-7528-12msc-12tx-4gsfp-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-hv_firmware *
moxa pt-7828-r-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-wv-wv_firmware *
moxa pt-7828-f-24_firmware *
moxa pt-7528-20mst-4tx-4gsfp-wv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-hv-hv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-wv-wv_firmware *
moxa pt-7528-8msc-16tx-4gsfp-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-hv-hv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-wv-wv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-wv_firmware *
moxa pt-7828-f-48-48_firmware *
moxa pt-7528-8msc-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-r-24_firmware *
moxa pt-7528-24tx-hv-hv_firmware *
moxa pt-7528-8msc-16tx-4gsfp-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-wv_firmware *
moxa pt-7528-8ssc-16tx-4gsfp-wv-wv_firmware *
moxa pt-7828-f-24-hv_firmware *
moxa pt-7528-24tx-wv-wv_firmware *
moxa pt-7828-f-hv_firmware *
moxa pt-7528-24tx-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-wv_firmware *
moxa pt-7828-r-24-24_firmware *
CVE-2020-6995 HIGH

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the application utilizes weak password requirements, which may allow an attacker to gain unauthorized access.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-521,CWE-521,

Products Affected

Vendor Product Version
moxa pt-7828-r-48-48_firmware *
moxa pt-7528-8msc-16tx-4gsfp-wv-wv_firmware *
moxa pt-7828-r-48-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-hv-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-hv-hv_firmware *
moxa pt-7528-20mst-4tx-4gsfp-hv-hv_firmware *
moxa pt-7828-f-hv-hv_firmware *
moxa pt-7528-20mst-4tx-4gsfp-hv_firmware *
moxa pt-7828-r-hv-hv_firmware *
moxa pt-7828-r-24-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-wv-wv_firmware *
moxa pt-7528-24tx-wv-hv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-wv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-hv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-hv-hv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-wv_firmware *
moxa pt-7828-f-48-hv_firmware *
moxa pt-7528-8ssc-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-r-48_firmware *
moxa pt-7528-8mst-16tx-4gsfp-hv_firmware *
moxa pt-7528-24tx-wv_firmware *
moxa pt-7828-f-48_firmware *
moxa pt-7528-20mst-4tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-wv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-f-24-24_firmware *
moxa pt-7528-12msc-12tx-4gsfp-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-hv_firmware *
moxa pt-7828-r-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-wv-wv_firmware *
moxa pt-7828-f-24_firmware *
moxa pt-7528-20mst-4tx-4gsfp-wv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-hv-hv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-wv-wv_firmware *
moxa pt-7528-8msc-16tx-4gsfp-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-hv-hv_firmware *
moxa pt-7528-12msc-12tx-4gsfp-wv-wv_firmware *
moxa pt-7528-8mst-16tx-4gsfp-wv_firmware *
moxa pt-7828-f-48-48_firmware *
moxa pt-7528-8msc-16tx-4gsfp-hv-hv_firmware *
moxa pt-7828-r-24_firmware *
moxa pt-7528-24tx-hv-hv_firmware *
moxa pt-7528-8msc-16tx-4gsfp-wv_firmware *
moxa pt-7528-16msc-8tx-4gsfp-wv-wv_firmware *
moxa pt-7528-16mst-8tx-4gsfp-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-wv_firmware *
moxa pt-7528-8ssc-16tx-4gsfp-wv-wv_firmware *
moxa pt-7828-f-24-hv_firmware *
moxa pt-7528-24tx-wv-wv_firmware *
moxa pt-7828-f-hv_firmware *
moxa pt-7528-24tx-hv_firmware *
moxa pt-7528-20msc-4tx-4gsfp-hv_firmware *
moxa pt-7528-12mst-12tx-4gsfp-wv_firmware *
moxa pt-7828-r-24-24_firmware *
CVE-2020-6997 MEDIUM

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, sensitive information is transmitted over some web applications in cleartext.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,CWE-319,

Products Affected

Vendor Product Version
moxa eds-510e_firmware *
moxa eds-g516e_firmware *
CVE-2020-6999 MEDIUM

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some of the parameters in the setting pages do not ensure text is the correct size for its buffer.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,CWE-120,

Products Affected

Vendor Product Version
moxa mds-g516e_firmware *
CVE-2020-7001 MEDIUM

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-327,CWE-327,

Products Affected

Vendor Product Version
moxa eds-510e_firmware *
moxa eds-g516e_firmware *
CVE-2020-7003 MEDIUM

In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is transmitted over some web applications in clear text.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,CWE-319,

Products Affected

Vendor Product Version
moxa iologik_2512-wl1-jp-t_firmware *
moxa iologik_2542-wl1-eu-t_firmware *
moxa iologik_2542-wl1-jp_firmware *
moxa iologik_2542-wl1-jp-t_firmware *
moxa iologik_2512-wl1-jp_firmware *
moxa iologik_2542-t_firmware *
moxa iologik_2512-t_firmware *
moxa iologik_2512-hspa-t_firmware *
moxa iologik_2512-wl1-eu_firmware *
moxa iologik_2542-wl1-eu_firmware *
moxa iologik_2512-wl1-us-t_firmware *
moxa iologik_2512-hspa_firmware *
moxa iologik_2512-wl1-us_firmware *
moxa iologik_2512_firmware *
moxa iologik_2542_firmware *
moxa iologik_2542-wl1-us-t_firmware *
moxa iologik_2542-hspa_firmware *
moxa iologik_2542-wl1-us_firmware *
moxa iologik_2512-wl1-eu-t_firmware *
moxa iologik_2542-hspa-t_firmware *
CVE-2020-7007 HIGH

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker may execute arbitrary codes or target the device, causing it to go out of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-121,CWE-787,

Products Affected

Vendor Product Version
moxa eds-510e_firmware *
moxa eds-g516e_firmware *
CVE-2020-8858 HIGH

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Moxa MGate 5105-MB-EIP firmware version 4.1. Authentication is required to exploit this vulnerability. The specific flaw exists within the DestIP parameter within MainPing.asp. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9552.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,CWE-78,

Products Affected

Vendor Product Version
moxa mgate_5105-mb-eip-t_firmware *
moxa mgate_5105-mb-eip_firmware *
CVE-2021-25845 MEDIUM

Improper validation of the ChassisID TLV in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows attackers to cause a denial of service due to a NULL pointer dereference via a crafted lldp packet.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
moxa vport_06ec-2v80m_firmware 1.1
moxa vport_06ec-2v36m-ct_firmware 1.1
moxa vport_06ec-2v60m-t_firmware 1.1
moxa vport_06ec-2v60m-ct_firmware 1.1
moxa vport_06ec-2v60m-ct-t_firmware 1.1
moxa vport_06ec-2v80m-t_firmware 1.1
moxa vport_06ec-2v80m-ct-t_firmware 1.1
moxa vport_06ec-2v60m_firmware 1.1
moxa vport_06ec-2v36m-ct-t_firmware 1.1
moxa vport_06ec-2v80m-ct_firmware 1.1
moxa vport_06ec-2v42m-ct-t_firmware 1.1
moxa vport_06ec-2v42m_firmware 1.1
moxa vport_06ec-2v26m_firmware 1.1
moxa vport_06ec-2v36m-t_firmware 1.1
moxa vport_06ec-2v42m-t_firmware 1.1
moxa vport_06ec-2v42m-ct_firmware 1.1
CVE-2021-25846 HIGH

Improper validation of the ChassisID TLV in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows attackers to cause a denial of service due to a negative number passed to the memcpy function via a crafted lldp packet.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: HIGH

Problem Type: CWE-191,

Products Affected

Vendor Product Version
moxa vport_06ec-2v26m_firmware *
moxa vport_06ec-2v36m-ct_firmware *
moxa vport_06ec-2v36m-t_firmware *
moxa vport_06ec-2v80m_firmware *
moxa vport_06ec-2v60m_firmware *
moxa vport_06ec-2v80m-ct-t_firmware *
moxa vport_06ec-2v42m-ct_firmware *
moxa vport_06ec-2v80m-t_firmware *
moxa vport_06ec-2v42m_firmware *
moxa vport_06ec-2v60m-t_firmware *
moxa vport_06ec-2v60m-ct_firmware *
moxa vport_06ec-2v42m-ct-t_firmware *
moxa vport_06ec-2v36m-ct-t_firmware *
moxa vport_06ec-2v80m-ct_firmware *
moxa vport_06ec-2v42m-t_firmware *
moxa vport_06ec-2v60m-ct-t_firmware *
CVE-2021-25847 HIGH

Improper validation of the length field of LLDP-MED TLV in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows information disclosure to attackers due to controllable loop counter variable via a crafted lldp packet.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
moxa vport_06ec-2v26m_firmware *
moxa vport_06ec-2v36m-ct_firmware *
moxa vport_06ec-2v36m-t_firmware *
moxa vport_06ec-2v80m_firmware *
moxa vport_06ec-2v60m_firmware *
moxa vport_06ec-2v80m-ct-t_firmware *
moxa vport_06ec-2v42m-ct_firmware *
moxa vport_06ec-2v80m-t_firmware *
moxa vport_06ec-2v42m_firmware *
moxa vport_06ec-2v60m-t_firmware *
moxa vport_06ec-2v60m-ct_firmware *
moxa vport_06ec-2v42m-ct-t_firmware *
moxa vport_06ec-2v36m-ct-t_firmware *
moxa vport_06ec-2v80m-ct_firmware *
moxa vport_06ec-2v42m-t_firmware *
moxa vport_06ec-2v60m-ct-t_firmware *
CVE-2021-25848 HIGH

Improper validation of the length field of LLDP-MED TLV in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows information disclosure to attackers due to using fixed loop counter variable without checking the actual available length via a crafted lldp packet.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
moxa vport_06ec-2v26m_firmware *
moxa vport_06ec-2v36m-ct_firmware *
moxa vport_06ec-2v36m-t_firmware *
moxa vport_06ec-2v80m_firmware *
moxa vport_06ec-2v60m_firmware *
moxa vport_06ec-2v80m-ct-t_firmware *
moxa vport_06ec-2v42m-ct_firmware *
moxa vport_06ec-2v80m-t_firmware *
moxa vport_06ec-2v42m_firmware *
moxa vport_06ec-2v60m-t_firmware *
moxa vport_06ec-2v60m-ct_firmware *
moxa vport_06ec-2v42m-ct-t_firmware *
moxa vport_06ec-2v36m-ct-t_firmware *
moxa vport_06ec-2v80m-ct_firmware *
moxa vport_06ec-2v42m-t_firmware *
moxa vport_06ec-2v60m-ct-t_firmware *
CVE-2021-25849 HIGH

An integer underflow was discovered in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, improper validation of the PortID TLV leads to Denial of Service via a crafted lldp packet.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: HIGH

Problem Type: CWE-191,

Products Affected

Vendor Product Version
moxa vport_06ec-2v26m_firmware *
moxa vport_06ec-2v36m-ct_firmware *
moxa vport_06ec-2v36m-t_firmware *
moxa vport_06ec-2v80m_firmware *
moxa vport_06ec-2v60m_firmware *
moxa vport_06ec-2v80m-ct-t_firmware *
moxa vport_06ec-2v42m-ct_firmware *
moxa vport_06ec-2v80m-t_firmware *
moxa vport_06ec-2v42m_firmware *
moxa vport_06ec-2v60m-t_firmware *
moxa vport_06ec-2v60m-ct_firmware *
moxa vport_06ec-2v42m-ct-t_firmware *
moxa vport_06ec-2v36m-ct-t_firmware *
moxa vport_06ec-2v80m-ct_firmware *
moxa vport_06ec-2v42m-t_firmware *
moxa vport_06ec-2v60m-ct-t_firmware *
CVE-2021-32968 MEDIUM

Two buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O Series firmware version 2.2 or earlier may allow a remote attacker to cause a denial-of-service condition.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
ics-cert@hq.dhs.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,CWE-120,

Products Affected

Vendor Product Version
moxa nport_iaw5250a-12i/o_firmware *
moxa nport_iaw5150a-6i/o_firmware *
moxa nport_iaw5250a-6i/o_firmware *
moxa nport_iaw5150a-12i/o_firmware *
CVE-2021-32970 HIGH

Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier, which may allow a remote attacker to cause denial-of-service conditions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,CWE-20,

Products Affected

Vendor Product Version
moxa nport_iaw5250a-12i/o_firmware *
moxa nport_iaw5150a-6i/o_firmware *
moxa nport_iaw5250a-6i/o_firmware *
moxa nport_iaw5150a-12i/o_firmware *
CVE-2021-32974 HIGH

Improper input validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to execute commands.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,CWE-78,

Products Affected

Vendor Product Version
moxa nport_iaw5250a-12i/o_firmware *
moxa nport_iaw5150a-6i/o_firmware *
moxa nport_iaw5250a-6i/o_firmware *
moxa nport_iaw5150a-12i/o_firmware *
CVE-2021-32976 HIGH

Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
ics-cert@hq.dhs.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-121,CWE-787,

Products Affected

Vendor Product Version
moxa nport_iaw5250a-12i/o_firmware *
moxa nport_iaw5150a-6i/o_firmware *
moxa nport_iaw5250a-6i/o_firmware *
moxa nport_iaw5150a-12i/o_firmware *
CVE-2021-33823 MEDIUM

An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
moxa mgate_mb3180_firmware 2.1
CVE-2021-33824 MEDIUM

An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
moxa mgate_mb3180_firmware 2.1
CVE-2021-38452 MEDIUM

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 3.9 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
moxa mxview *
CVE-2021-38454 HIGH

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 10.0 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 3.9 6.0
nvd@nist.gov 10.0 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 3.9 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-284,CWE-22,

Products Affected

Vendor Product Version
moxa mxview *
CVE-2021-38456 HIGH

A use of hard-coded password vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to gain access through accounts using default passwords

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
ics-cert@hq.dhs.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-259,CWE-798,

Products Affected

Vendor Product Version
moxa mxview *
CVE-2021-38458 HIGH

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-74,CWE-74,

Products Affected

Vendor Product Version
moxa mxview *
CVE-2021-38460 MEDIUM

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
ics-cert@hq.dhs.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-523,CWE-22,

Products Affected

Vendor Product Version
moxa mxview *
CVE-2021-39278 MEDIUM

Certain MOXA devices allow reflected XSS via the Config Import menu. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3, WDR-3124A-US 2.3, and WDR-3124A-US-T 2.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
moxa wac-1001_firmware 2.1
moxa tap-323-jp-ct-t_firmware 1.3
moxa wdr-3124a-us-t_firmware 2.3
moxa wac-2004_firmware 1.7
moxa wdr-3124a-eu_firmware 2.3
moxa tap-323-eu-ct-t_firmware 1.3
moxa wdr-3124a-eu-t_firmware 2.3
moxa wdr-3124a-us_firmware 2.3
moxa wac-1001-t_firmware 2.1
moxa oncell_g3470a-lte-eu_firmware 1.7
moxa tap-323-us-ct-t_firmware 1.3
moxa oncell_g3470a-lte-eu-t_firmware 1.7
CVE-2021-39279 HIGH

Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3, WDR-3124A-US 2.3, and WDR-3124A-US-T 2.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
moxa wac-1001_firmware 2.1
moxa tap-323-jp-ct-t_firmware 1.3
moxa wdr-3124a-us-t_firmware 2.3
moxa wac-2004_firmware 1.7
moxa wdr-3124a-eu_firmware 2.3
moxa tap-323-eu-ct-t_firmware 1.3
moxa wdr-3124a-eu-t_firmware 2.3
moxa wdr-3124a-us_firmware 2.3
moxa wac-1001-t_firmware 2.1
moxa oncell_g3470a-lte-eu_firmware 1.7
moxa tap-323-us-ct-t_firmware 1.3
moxa oncell_g3470a-lte-eu-t_firmware 1.7
CVE-2021-40390 HIGH

An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. A specially-crafted HTTP request can lead to unauthorized access. An attacker can send an HTTP request to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-798,CWE-798,

Products Affected

Vendor Product Version
moxa mxview 3.2.4
CVE-2021-40392 MEDIUM

An information disclosure vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. Network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to exploit this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,CWE-319,

Products Affected

Vendor Product Version
moxa mxview 3.2.4
CVE-2021-4161 MEDIUM

The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. This could give an attacker admin rights through the HTTP web server.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
ics-cert@hq.dhs.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,

Products Affected

Vendor Product Version
moxa mgate_mb3180_firmware *
moxa mgate_mb3280_firmware *
moxa mgate_mb3480_firmware *
CVE-2021-46082 HIGH

Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via crafted packets.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: HIGH

Problem Type: CWE-401,

Products Affected

Vendor Product Version
moxa tn-5916-wv-t_firmware *
moxa mgate_5101-pbm-mn-t_firmware *
moxa mgate_5109-t_firmware *
moxa mgate_5101-pbm-mn_firmware *
moxa tn-5916-wv-ct-t_firmware *
moxa mgate_5109_firmware *
CVE-2021-46559 MEDIUM

The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to defeat an inspection mechanism for integrity protection.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-345,

Products Affected

Vendor Product Version
moxa tn-5900_firmware *
CVE-2021-46560 HIGH

The firmware on Moxa TN-5900 devices through 3.1 allows command injection that could lead to device damage.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,

Products Affected

Vendor Product Version
moxa tn-5900_firmware *
CVE-2022-2043

MOXA NPort 5110: Firmware Versions 2.10 is vulnerable to an out-of-bounds write that can cause the device to become unresponsive.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
moxa nport_5110_firmware 2.10
CVE-2022-2044

MOXA NPort 5110: Firmware Versions 2.10 is vulnerable to an out-of-bounds write that may allow an attacker to overwrite values in memory, causing a denial-of-service condition or potentially bricking the device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 8.2 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H 3.9 4.2
nvd@nist.gov 8.2 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H 3.9 4.2

Products Affected

Vendor Product Version
moxa nport_5110_firmware 2.10
CVE-2022-27048 MEDIUM

A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 or lower. and MGate MB3480 Series Firmware Version 3.2 or lower.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.4 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N 2.2 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
moxa mgate_mb3170-t_firmware *
moxa mgate_mb3280_firmware *
moxa mgate_mb3170-s-sc_firmware *
moxa mgate_mb3170i_firmware *
moxa mgate_mb3170-m-sc_firmware *
moxa mgate_mb3170-s-sc-t_firmware *
moxa mgate_mb3170-m-sc-t_firmware *
moxa mgate_mb3170i-m-sc-t_firmware *
moxa mgate_mb3170-m-st_firmware *
moxa mgate_mb3170i-m-sc_firmware *
moxa mgate_mb3270_firmware *
moxa mgate_mb3270-t_firmware *
moxa mgate_mb3170i-s-sc_firmware *
moxa mgate_mb3170i-t_firmware *
moxa mgate_mb3170-m-st-t_firmware *
moxa mgate_mb3480_firmware *
moxa mgate_mb3170_firmware *
moxa mgate_mb3270i_firmware *
moxa mgate_mb3170i-s-sc-t_firmware *
moxa mgate_mb3270i-t_firmware *
CVE-2022-3086

Cradlepoint IBR600 NCOS versions 6.5.0.160bc2e and prior are vulnerable to shell escape, which enables local attackers with non-superuser credentials to gain full, unrestrictive shell access which may allow an attacker to execute arbitrary code.

Products Affected

Vendor Product Version
moxa uc-8540-t-ct-lx_firmware *
moxa uc-8112-lx_firmware 1.3
moxa uc-3101-t-eu-lx_firmware *
moxa uc-8410a-nw-t-lx_firmware 2.2
moxa uc-8132-lx_firmware 1.3
moxa uc-8580-t-ct-lx_firmware 1.1
moxa uc-8131-lx_firmware 1.2
moxa uc-8162-lx_firmware 1.2
moxa uc-8410a-lx_firmware 2.2
moxa uc-8112a-me-t-lx_firmware 1.0
moxa uc-3121-t-us-lx_firmware *
moxa uc-8132-lx_firmware 1.2
moxa uc-3111-t-ap-lx_firmware *
moxa uc-2116-t-lx_firmware *
moxa uc-8580-t-q-lx_firmware 1.1
moxa uc-8580-t-ct-q-lx_firmware 1.1
moxa uc-3111-t-ap-lx-nw_firmware *
moxa uc-8220-t-lx-us-s_firmware *
moxa uc-5112-t-lx_firmware 1.2
moxa uc-3121-t-eu-lx_firmware *
moxa uc-8580-t-lx_firmware 1.1
moxa uc-2111-lx_firmware *
moxa uc-5112-lx_firmware 1.2
moxa uc-2102-lx_firmware *
moxa uc-8540-lx_firmware *
moxa uc-5111-t-lx_firmware 1.2
moxa uc-8410a-nw-lx_firmware 2.2
moxa uc-8580-q-lx_firmware 1.1
moxa uc-5102-t-lx_firmware 1.2
moxa uc-3101-t-ap-lx_firmware *
moxa uc-8220-t-lx_firmware *
moxa uc-2104-lx_firmware *
moxa uc-8112a-me-t-lx_firmware 1.1
moxa uc-3111-t-us-lx_firmware *
moxa uc-8580-lx_firmware 1.1
moxa uc-5101-t-lx_firmware 1.2
moxa uc-5111-lx_firmware 1.2
moxa uc-3111-t-eu-lx-nw_firmware *
moxa uc-3111-t-eu-lx_firmware *
moxa uc-3111-t-us-lx-nw_firmware *
moxa uc-8112-lx_firmware 1.2
moxa uc-8220-t-lx-eu-s_firmware *
moxa uc-8540-t-lx_firmware *
moxa uc-5101-lx_firmware 1.2
moxa uc-3121-t-ap-lx_firmware *
moxa uc-8410a-t-lx_firmware 2.2
moxa uc-5102-lx_firmware 1.2
moxa uc-3101-t-us-lx_firmware *
moxa uc-2114-t-lx_firmware *
moxa uc-2101-lx_firmware *
moxa uc-8131-lx_firmware 1.3
moxa uc-8162-lx_firmware 1.3
moxa uc-8210-t-lx-s_firmware *
moxa uc-2112-lx_firmware *
moxa uc-8220-t-lx-ap-s_firmware *
CVE-2022-3088

UC-8100A-ME-T System Image: Versions v1.0 to v1.6, UC-2100 System Image: Versions v1.0 to v1.12, UC-2100-W System Image: Versions v1.0 to v 1.12, UC-3100 System Image: Versions v1.0 to v1.6, UC-5100 System Image: Versions v1.0 to v1.4, UC-8100 System Image: Versions v3.0 to v3.5, UC-8100-ME-T System Image: Versions v3.0 and v3.1, UC-8200 System Image: v1.0 to v1.5, AIG-300 System Image: v1.0 to v1.4, UC-8410A with Debian 9 System Image: Versions v4.0.2 and v4.1.2, UC-8580 with Debian 9 System Image: Versions v2.0 and v2.1, UC-8540 with Debian 9 System Image: Versions v2.0 and v2.1, and DA-662C-16-LX (GLB) System Image: Versions v1.0.2 to v1.1.2 of Moxa's ARM-based computers have an execution with unnecessary privileges vulnerability, which could allow an attacker with user-level privileges to gain root privileges.

Products Affected

Vendor Product Version
moxa uc-8580-q-lx_firmware 2.0
moxa uc-3101-t-eu-lx_firmware *
moxa uc-8580-t-ct-q-lx_firmware 2.0
moxa aig-301-t-eu-azu-lx_firmware *
moxa uc-8112a-me-t-lx_firmware *
moxa uc-8112-me-t-lx1_firmware 3.1
moxa uc-8580-t-q-lx_firmware 2.1
moxa uc-8131-lx_firmware *
moxa uc-3121-t-us-lx_firmware *
moxa uc-3111-t-ap-lx_firmware *
moxa uc-2116-t-lx_firmware *
moxa aig-301-cn-azu-lx_firmware *
moxa uc-3111-t-ap-lx-nw_firmware *
moxa uc-5101-lx_firmware *
moxa uc-8220-t-lx-us-s_firmware *
moxa uc-5111-lx_firmware *
moxa uc-8410a-nw-t-lx_firmware *
moxa uc-8580-t-ct-lx_firmware 2.0
moxa uc-8540-lx_firmware 2.1
moxa uc-8580-t-ct-lx_firmware 2.1
moxa uc-8580-t-ct-q-lx_firmware 2.1
moxa uc-8580-t-q-lx_firmware 2.0
moxa uc-3121-t-eu-lx_firmware *
moxa uc-5102-lx_firmware *
moxa aig-301-azu-lx_firmware *
moxa uc-2111-lx_firmware *
moxa uc-8112-lx_firmware *
moxa uc-8410a-lx_firmware *
moxa uc-5101-t-lx_firmware *
moxa uc-5112-t-lx_firmware *
moxa uc-2102-lx_firmware *
moxa uc-8580-t-lx_firmware 2.1
moxa uc-8540-t-ct-lx_firmware 2.0
moxa uc-8540-t-ct-lx_firmware 2.1
moxa uc-8410a-nw-lx_firmware *
moxa uc-8132-lx_firmware *
moxa aig-301-t-cn-azu-lx_firmware *
moxa aig-301-us-azu-lx_firmware *
moxa aig-301-ap-azu-lx_firmware *
moxa uc-8540-lx_firmware 2.0
moxa uc-2102-t-lx_firmware *
moxa aig-301-t-ap-azu-lx_firmware *
moxa uc-5102-t-lx_firmware *
moxa uc-3101-t-ap-lx_firmware *
moxa aig-301-t-azu-lx_firmware *
moxa aig-301-eu-azu-lx_firmware *
moxa uc-5111-t-lx_firmware *
moxa uc-8112-me-t-lx_firmware 3.1
moxa uc-8220-t-lx_firmware *
moxa uc-2104-lx_firmware *
moxa uc-8580-q-lx_firmware 2.1
moxa aig-301-t-us-azu-lx_firmware *
moxa uc-8220-t-lx-s_firmware *
moxa uc-8580-lx_firmware 2.1
moxa uc-8112-me-t-lx_firmware 3.0
moxa da-662c-16-lx_firmware *
moxa uc-3111-t-us-lx_firmware *
moxa uc-3111-t-eu-lx-nw_firmware *
moxa uc-8540-t-lx_firmware 2.0
moxa uc-3111-t-eu-lx_firmware *
moxa uc-3111-t-us-lx-nw_firmware *
moxa uc-8162-lx_firmware *
moxa uc-8220-t-lx-eu-s_firmware *
moxa uc-8540-t-lx_firmware 2.1
moxa uc-8580-t-lx_firmware 2.0
moxa uc-3121-t-ap-lx_firmware *
moxa uc-8410a-t-lx_firmware *
moxa uc-3101-t-us-lx_firmware *
moxa uc-2114-t-lx_firmware *
moxa uc-2101-lx_firmware *
moxa uc-8580-lx_firmware 2.0
moxa uc-8112-me-t-lx1_firmware 3.0
moxa uc-2112-lx_firmware *
moxa uc-5112-lx_firmware *
moxa uc-8220-t-lx-ap-s_firmware *
CVE-2022-40224

A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP message header can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
moxa sds-3008_firmware *
moxa sds-3008-t_firmware *
CVE-2022-40691

An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
moxa sds-3008_firmware *
moxa sds-3008-t_firmware *
CVE-2022-40693

A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
moxa sds-3008_firmware *
moxa sds-3008-t_firmware *
CVE-2022-41311

A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="webLocationMessage_text" name="webLocationMessage_text"

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

Products Affected

Vendor Product Version
moxa sds-3008_firmware *
moxa sds-3008-t_firmware *
CVE-2022-41312

A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="Switch Description", name "switch_description"

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

Products Affected

Vendor Product Version
moxa sds-3008_firmware *
moxa sds-3008-t_firmware *
CVE-2022-41313

A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="switch_contact"

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

Products Affected

Vendor Product Version
moxa sds-3008_firmware *
moxa sds-3008-t_firmware *
CVE-2023-1257

An attacker with physical access to the affected Moxa UC Series devices can initiate a restart of the device and gain access to its BIOS. Command line options can then be altered, allowing the attacker to access the terminal. From the terminal, the attacker can modify the device’s authentication files to create a new user and gain full access to the system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.9 5.9
ics-cert@hq.dhs.gov 7.6 HIGH CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 0.9 6.0

Products Affected

Vendor Product Version
moxa uc-8540-t-ct-lx_firmware *
moxa uc-2114-t-lx_firmware -
moxa uc-3101-t-eu-lx_firmware *
moxa uc-8410a-nw-t-lx_firmware 2.2
moxa uc-8112a-me-t-lx_firmware *
moxa uc-8580-t-ct-lx_firmware 1.1
moxa uc-8131-lx_firmware 1.2
moxa uc-8162-lx_firmware 1.2
moxa uc-8410a-lx_firmware 2.2
moxa uc-3121-t-us-lx_firmware *
moxa uc-8132-lx_firmware 1.2
moxa uc-3111-t-ap-lx_firmware *
moxa uc-2116-t-lx_firmware *
moxa uc-8580-t-q-lx_firmware 1.1
moxa uc-8580-t-ct-q-lx_firmware 1.1
moxa uc-3111-t-ap-lx-nw_firmware *
moxa uc-8220-t-lx-us-s_firmware *
moxa uc-5112-t-lx_firmware 1.2
moxa uc-3121-t-eu-lx_firmware *
moxa uc-8580-t-lx_firmware 1.1
moxa uc-2111-lx_firmware *
moxa uc-5112-lx_firmware 1.2
moxa uc-2102-lx_firmware *
moxa uc-8540-lx_firmware *
moxa uc-5111-t-lx_firmware 1.2
moxa uc-8112-me-t-lx1_firmware *
moxa uc-2102-t-lx_firmware *
moxa uc-8410a-nw-lx_firmware 2.2
moxa uc-8112-me-t-lx_firmware *
moxa uc-8580-q-lx_firmware 1.1
moxa uc-5102-t-lx_firmware 1.2
moxa uc-3101-t-ap-lx_firmware *
moxa uc-8220-t-lx_firmware *
moxa uc-2104-lx_firmware *
moxa uc-8220-t-lx-s_firmware *
moxa uc-3111-t-us-lx_firmware *
moxa uc-8580-lx_firmware 1.1
moxa uc-5101-t-lx_firmware 1.2
moxa uc-5111-lx_firmware 1.2
moxa uc-3111-t-eu-lx-nw_firmware *
moxa uc-3111-t-eu-lx_firmware *
moxa uc-3111-t-us-lx-nw_firmware *
moxa uc-8112-lx_firmware 1.2
moxa uc-8220-t-lx-eu-s_firmware *
moxa uc-8540-t-lx_firmware *
moxa uc-5101-lx_firmware 1.2
moxa uc-3121-t-ap-lx_firmware *
moxa uc-8410a-t-lx_firmware 2.2
moxa uc-5102-lx_firmware 1.2
moxa uc-3101-t-us-lx_firmware *
moxa uc-2114-t-lx_firmware *
moxa uc-2101-lx_firmware *
moxa uc-8210-t-lx-s_firmware *
moxa uc-2112-lx_firmware *
moxa uc-8220-t-lx-ap-s_firmware *
CVE-2023-28697

Moxa MiiNePort E1 has a vulnerability of insufficient access control. An unauthenticated remote user can exploit this vulnerability to perform arbitrary system operation or disrupt service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
twcert@cert.org.tw 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
moxa miineport_e1_firmware 1.7.2
CVE-2023-33235

MXsecurity version 1.0 is vulnearble to command injection vulnerability. This vulnerability has been reported in the SSH CLI program, which can be exploited by attackers who have gained authorization privileges. The attackers can break out of the restricted shell and subsequently execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
moxa mxsecurity 1.0
CVE-2023-33236

MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. This vulnerability has been reported that can be exploited to craft arbitrary JWT tokens and subsequently bypass authentication for web-based APIs.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
moxa mxsecurity 1.0
CVE-2023-33237

TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication vulnerability. This vulnerability arises from inadequate authentication measures implemented in the web API handler, allowing low-privileged APIs to execute restricted actions that only high-privileged APIs are allowed This presents a potential risk of unauthorized exploitation by malicious actors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
psirt@moxa.com 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
moxa tn-5900_firmware *
CVE-2023-33238

TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from inadequate input validation in the certificate management function, which could potentially allow malicious users to execute remote code on affected devices.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
psirt@moxa.com 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
moxa tn-5900_firmware *
moxa tn-4900_firmware *
CVE-2023-33239

TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from insufficient input validation in the key-generation function, which could potentially allow malicious users to execute remote code on affected devices.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
moxa tn-5900_firmware *
moxa tn-4900_firmware *
CVE-2023-3336

TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability. The vulnerability may allow a remote attacker to determine whether a user is valid during password recovery through the web login page and enable a brute force attack with valid users.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
moxa tn-5900_firmware *
CVE-2023-34213

TN-5900 Series firmware versions v3.3 and prior are vulnerable to command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the key-generation function, which could potentially allow malicious users to execute remote code on affected devices.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
psirt@moxa.com 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
moxa tn-5900_firmware *
CVE-2023-34214

TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-generation function, which could potentially allow malicious users to execute remote code on affected devices.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
psirt@moxa.com 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
moxa tn-5900_firmware *
moxa tn-4900_firmware *
CVE-2023-34215

TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the certification-generation function, which could potentially allow malicious users to execute remote code on affected devices.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
moxa tn-5900_firmware *
CVE-2023-34216

TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability derives from insufficient input validation in the key-delete function, which could potentially allow malicious users to delete arbitrary files.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 2.8 5.2
psirt@moxa.com 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 2.8 5.2

Products Affected

Vendor Product Version
moxa tn-5900_firmware *
moxa tn-4900_firmware *
CVE-2023-34217

TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-delete function, which could potentially allow malicious users to delete arbitrary files.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 2.8 5.2
psirt@moxa.com 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 2.8 5.2

Products Affected

Vendor Product Version
moxa tn-5900_firmware *
moxa tn-4900_firmware *
CVE-2023-39979

There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. A remote attacker might access the system if the web service authenticator has insufficient random values.  

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
psirt@moxa.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
moxa mxsecurity *
CVE-2023-39980

A vulnerability that allows the unauthorized disclosure of authenticated information has been identified in MXsecurity versions prior to v1.0.1. This vulnerability arises when special elements are not neutralized correctly, allowing remote attackers to alter SQL commands.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 7.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N 2.8 4.2
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N 2.8 5.2

Products Affected

Vendor Product Version
moxa mxsecurity *
CVE-2023-39981

A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions prior to v1.0.1. This vulnerability arises from inadequate authentication measures, potentially leading to the disclosure of device information by a remote attacker.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
psirt@moxa.com 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
moxa mxsecurity *
CVE-2023-39982

A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vulnerability is attributed to a hard-coded SSH host key, which might facilitate man-in-the-middle attacks and enable the decryption of SSH traffic.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 2.2 3.6
psirt@moxa.com 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
moxa mxsecurity *
CVE-2023-39983

A vulnerability that poses a potential risk of polluting the MXsecurity sqlite database and the nsm-web UI has been identified in MXsecurity versions prior to v1.0.1. This vulnerability might allow an unauthenticated remote attacker to register or add devices via the nsm-web application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

Products Affected

Vendor Product Version
moxa mxsecurity *
CVE-2023-4204

NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate firmware manipulation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 2.8 2.5
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
moxa nport_iaw5000a-i/o_firmware *
CVE-2023-4217

A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 3.1 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N 1.6 1.4
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
moxa eds-g503_firmware *
CVE-2023-4227

A vulnerability has been identified in the ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to the product. This could lead to security breaches, data theft, and unauthorized manipulation of sensitive information. The vulnerability is attributed to the presence of an unauthorized service, which could potentially enable unauthorized access to the. device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5
psirt@moxa.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
moxa iologik_e4200_firmware *
CVE-2023-4228

A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4
psirt@moxa.com 3.1 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N 1.6 1.4

Products Affected

Vendor Product Version
moxa iologik_e4200_firmware *
CVE-2023-4229

A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, potentially exposing users to security risks. This vulnerability may allow attackers to trick users into interacting with malicious content, leading to unintended actions or unauthorized data disclosures.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.7 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N 2.8 1.4
psirt@moxa.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
moxa iologik_e4200_firmware *
CVE-2023-4230

A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which has the potential to facilitate the collection of information on ioLogik 4000 Series devices. This vulnerability may enable attackers to gather information for the purpose of assessing vulnerabilities and potential attack vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
psirt@moxa.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
moxa iologik_e4200_firmware *
CVE-2023-4452

A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability. This vulnerability stems from insufficient input validation in the URI, potentially enabling malicious users to trigger the device reboot.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 3.9 2.5
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
moxa edr-810-2gsfp_firmware *
moxa edr-g903_firmware *
moxa edr-810-vpn-2gsfp_firmware *
moxa edr-g903-t_firmware *
moxa edr-810-2gsfp-t_firmware *
moxa edr-g902_firmware *
moxa edr-810-vpn-2gsfp-t_firmware *
moxa edr-g902-t_firmware *
CVE-2023-4929

All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
psirt@moxa.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H 1.2 5.2

Products Affected

Vendor Product Version
moxa nport_ia5450ai_firmware *
moxa nport_5650-8-m-sc_firmware *
moxa nport_5150ai-m12_firmware *
moxa nport_ia5150ai-t_firmware *
moxa nport_5250a-t_firmware *
moxa nport_ia5150ai-t-iex_firmware *
moxa nport_5610-16_firmware *
moxa nport_ia-5150-t_firmware *
moxa nport_ia5150a_firmware *
moxa nport_5230a-t_firmware *
moxa nport_5650-8-hv-t_firmware *
moxa nport_5250a_firmware *
moxa nport_5110a_firmware *
moxa nport_ia5450ai-t_firmware *
moxa nport_5110-t_firmware *
moxa nport_5230a_firmware *
moxa nport_ia5000a-i/o_firmware *
moxa nport_5250ai-m12_firmware *
moxa nport_ia5250a_firmware *
moxa nport_ia-5250i-t_firmware *
moxa nport_5150ai-m12-ct_firmware *
moxa nport_ia-5150-s-sc_firmware *
moxa nport_5630-16_firmware *
moxa nport_5232_firmware *
moxa nport_5110_firmware *
moxa nport_5650-16-hv-t_firmware *
moxa nport_5650-16_firmware *
moxa nport_ia5150a-iex_firmware *
moxa nport_ia5150ai-iex_firmware *
moxa nport_ia-5250i_firmware *
moxa nport_5450-t_firmware *
moxa nport_ia5250a-iex_firmware *
moxa nport_5650-8-t_firmware *
moxa nport_ia5150ai_firmware *
moxa nport_5130_firmware *
moxa nport_5230-t_firmware *
moxa nport_ia5150a-t_firmware *
moxa nport_ia5250a-t_firmware *
moxa nport_ia5450a_firmware *
moxa nport_5110a-t_firmware *
moxa nport_ia-5150i-t_firmware *
moxa nport_5450_firmware *
moxa nport_5650-16-m-sc_firmware *
moxa nport_5150ai-m12-ct-t_firmware *
moxa nport_ia5250ai-t-iex_firmware *
moxa nport_ia-5150i-s-sc-t_firmware *
moxa nport_5650-8-dt_firmware *
moxa nport_ia-5150_firmware *
moxa nport_5450ai-m12_firmware *
moxa nport_ia-5150i-m-sc-t_firmware *
moxa nport_5150a-t_firmware *
moxa nport_ia-5150-m-sc_firmware *
moxa nport_5430_firmware *
moxa nport_5650i-8-dt-t_firmware *
moxa nport_ia-5150-m-sc-t_firmware *
moxa nport_5250ai-m12-t_firmware *
moxa nport_5610-8-dt-j_firmware *
moxa nport_5450ai-m12-ct_firmware *
moxa nport_5450i_firmware *
moxa nport_ia-5150-m-st-t_firmware *
moxa nport_5130a_firmware *
moxa nport_5450ai-m12-t_firmware *
moxa nport_ia5250ai-t_firmware *
moxa nport_5450ai-m12-ct-t_firmware *
moxa nport_5630-8_firmware *
moxa nport_5210a_firmware *
moxa nport_5650-8-dt-j_firmware *
moxa nport_ia-5150-m-st_firmware *
moxa nport_5610-8-dt-t_firmware *
moxa nport_5210-t_firmware *
moxa nport_5610-8-48v_firmware *
moxa nport_ia-5250-t_firmware *
moxa nport_5150ai-m12-t_firmware *
moxa nport_5150a_firmware *
moxa nport_p5150a-t_firmware *
moxa nport_ia5250a-t-iex_firmware *
moxa nport_ia-5150-s-sc-t_firmware *
moxa nport_ia5250ai-iex_firmware *
moxa nport_5130a-t_firmware *
moxa nport_5210_firmware *
moxa nport_5610-8-dt_firmware *
moxa nport_5650-16-s-sc_firmware *
moxa nport_p5150a_firmware *
moxa nport_ia-5150i_firmware *
moxa nport_ia-5150i-m-sc_firmware *
moxa nport_5610-8_firmware *
moxa nport_5650i-8-dt_firmware *
moxa nport_5610-16-48v_firmware *
moxa nport_5232i-t_firmware *
moxa nport_ia-5250_firmware *
moxa nport_ia5150a-t-iex_firmware *
moxa nport_5150_firmware *
moxa nport_5250ai-m12-ct-t_firmware *
moxa nport_iaw5000a-i/o_firmware *
moxa nport_5210a-t_firmware *
moxa nport_5232-t_firmware *
moxa nport_5450i-t_firmware *
moxa nport_5650-8-dt-t_firmware *
moxa nport_ia-5150i-s-sc_firmware *
moxa nport_5650-16-t_firmware *
moxa nport_5250ai-m12-ct_firmware *
moxa nport_5650-8-s-sc_firmware *
moxa nport_5232i_firmware *
moxa nport_5650-8_firmware *
moxa nport_ia5450a-t_firmware *
moxa nport_5410_firmware *
moxa nport_ia5250ai_firmware *
moxa nport_5230_firmware *
CVE-2023-5035

A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the cookie to be transmitted in plaintext over an HTTP session. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 3.1 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N 1.6 1.4
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
moxa eds-g503_firmware *
CVE-2023-5627

A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable. This vulnerability arises from the incorrect implementation of sensitive information protection, potentially allowing malicious users to gain unauthorized access to the web service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
psirt@moxa.com 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
moxa nport_6650-8-hv-t_firmware *
moxa nport_6650-16-hv-t_firmware *
moxa nport_6250-s-sc_firmware *
moxa nport_6610-8_firmware *
moxa nport_6650-32-hv-t_firmware *
moxa nport_6610-32_firmware *
moxa nport_6250_firmware *
moxa nport_6250-m-sc-t_firmware *
moxa nport_6650-16-48v_firmware *
moxa nport_6250-m-sc_firmware *
moxa nport_6650-8_firmware *
moxa nport_6150_firmware *
moxa nport_6650-16_firmware *
moxa nport_6650-16-t_firmware *
moxa nport_6610-16_firmware *
moxa nport_6610-32-48v_firmware *
moxa nport_6610-8-48v_firmware *
moxa nport_6650-8-t_firmware *
moxa nport_6650-32_firmware *
moxa nport_6150-t_firmware *
moxa nport_6250-t_firmware *
moxa nport_6450_firmware *
moxa nport_6650-8-48v_firmware *
moxa nport_6650-32-48v_firmware *
moxa nport_6250-s-sc-t_firmware *
moxa nport_6450-t_firmware *
moxa nport_6610-16-48v_firmware *
CVE-2023-5961

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. An attacker can exploit this vulnerability to trick a client into making an unintentional request to the web server, which will be treated as an authentic request. This vulnerability may lead an attacker to perform operations on behalf of the victimized user.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9
psirt@moxa.com 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
moxa iologik_e1212_firmware *
moxa iologik_e1213_firmware *
moxa iologik_e1242_firmware *
moxa iologik_e1260_firmware *
moxa iologik_e1240_firmware *
moxa iologik_e1210_firmware *
moxa iologik_e1241_firmware *
moxa iologik_e1214_firmware *
moxa iologik_e1211_firmware *
moxa iologik_e1262_firmware *
CVE-2023-5962

A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
moxa iologik_e1212_firmware *
moxa iologik_e1213_firmware *
moxa iologik_e1242_firmware *
moxa iologik_e1260_firmware *
moxa iologik_e1240_firmware *
moxa iologik_e1210_firmware *
moxa iologik_e1241_firmware *
moxa iologik_e1214_firmware *
moxa iologik_e1211_firmware *
moxa iologik_e1262_firmware *
CVE-2023-6093

A clickjacking vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. This vulnerability is caused by incorrectly restricts frame objects, which can lead to user confusion about which interface the user is interacting with. This vulnerability may lead the attacker to trick the user into interacting with the application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N 1.6 3.6
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
moxa oncell_g3150a-lte_firmware *
CVE-2023-6094

A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. The vulnerability results from lack of protection for sensitive information during transmission. An attacker eavesdropping on the traffic between the web browser and server may obtain sensitive information. This type of attack could be executed to gather sensitive information or to facilitate a subsequent attack against the target.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
moxa oncell_g3150a-lte_firmware *
CVE-2024-0387

The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L 2.3 3.7

Products Affected

Vendor Product Version
moxa eds-g4008_firmware *
moxa eds-g4014_firmware *
moxa eds-4008_firmware *
moxa eds-4009_firmware *
moxa eds-4012_firmware *
moxa eds-4014_firmware *
moxa eds-g4012_firmware *
CVE-2024-1220

A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 8.2 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H 3.9 4.2

Products Affected

Vendor Product Version
moxa nport_w2250a-t_firmware *
moxa nport_w2150a-t_firmware *
moxa nport_w2250a_firmware *
moxa nport_w2150a_firmware *
CVE-2024-4638

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in the web key upload function. An attacker could modify the intended commands sent to target functions, which could cause malicious users to execute unauthorized commands.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 7.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N 2.8 4.2

Products Affected

Vendor Product Version
moxa oncell_g3470a-lte-eu_firmware *
moxa oncell_g3470a-lte-us-t_firmware *
moxa oncell_g3470a-lte-us_firmware *
moxa oncell_g3470a-lte-eu-t_firmware *
CVE-2024-4639

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in IPSec configuration. An attacker could modify the intended commands sent to target functions, which could cause malicious users to execute unauthorized commands.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 7.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N 2.8 4.2

Products Affected

Vendor Product Version
moxa oncell_g3470a-lte-eu_firmware *
moxa oncell_g3470a-lte-us-t_firmware *
moxa oncell_g3470a-lte-us_firmware *
moxa oncell_g3470a-lte-eu-t_firmware *
CVE-2024-4640

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. An attacker could write past the boundaries of allocated buffer regions in memory, causing a program crash.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 7.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H 2.8 4.2

Products Affected

Vendor Product Version
moxa oncell_g3470a-lte-eu_firmware *
moxa oncell_g3470a-lte-us-t_firmware *
moxa oncell_g3470a-lte-us_firmware *
moxa oncell_g3470a-lte-eu-t_firmware *
CVE-2024-4641

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to accepting a format string from an external source as an argument. An attacker could modify an externally controlled format string to cause a memory leak and denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 2.8 3.4

Products Affected

Vendor Product Version
moxa oncell_g3470a-lte-eu_firmware *
moxa oncell_g3470a-lte-us-t_firmware *
moxa oncell_g3470a-lte-us_firmware *
moxa oncell_g3470a-lte-eu-t_firmware *
CVE-2024-4739

The lack of access restriction to a resource from unauthorized users makes MXsecurity software versions v1.1.0 and prior vulnerable. By acquiring a valid authenticator, an attacker can pose as an authorized user and successfully access the resource.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@moxa.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
moxa mxsecurity *
CVE-2024-4740

MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded credentials. This vulnerability could allow an attacker to tamper with sensitive data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6
psirt@moxa.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
moxa mxsecurity *
CVE-2024-6785

The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensitive information exposure.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N 1.8 5.2
psirt@moxa.com 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
moxa mxview_one *
moxa mxview_one_central_manager 1.0.0
CVE-2024-6786

The vulnerability allows an attacker to craft MQTT messages that include relative path traversal sequences, enabling them to read arbitrary files on the system. This could lead to the disclosure of sensitive information, such as configuration files and JWT signing secrets.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6
psirt@moxa.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
moxa mxview_one *
CVE-2024-6787

This vulnerability occurs when an attacker exploits a race condition between the time a file is checked and the time it is used (TOCTOU). By exploiting this race condition, an attacker can write arbitrary files to the system. This could allow the attacker to execute malicious code and potentially cause file losses.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 2.2 3.6
psirt@moxa.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N 1.6 3.6

Products Affected

Vendor Product Version
moxa mxview_one *
CVE-2026-0714

A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and attaching external equipment to the SPI bus to capture TPM communications. If successful, the captured data may allow offline decryption of eMMC contents. This attack cannot be performed through brief or opportunistic physical access and requires extended physical access, possession of the device, appropriate equipment, and sufficient time for signal capture and analysis. Remote exploitation is not possible.

Products Affected

Vendor Product Version
moxa uc-4430a-t_firmware *
moxa uc-4434a-i-t_firmware *
moxa uc-2222a-t-eu_firmware *
moxa v2406c-wl5-t_firmware *
moxa v1202-ct-t_firmware *
moxa v2406c-kl3-t_firmware *
moxa v2406c-wl3-t_firmware *
moxa uc-4450a-t-5g_firmware *
moxa uc-8220-t-lx_firmware *
moxa v2406c-kl7-ct-t_firmware *
moxa v1222-ct-t_firmware *
moxa uc-4410a-t_firmware *
moxa v2406c-kl5-t_firmware *
moxa v1222-w-ct-t_firmware *
moxa uc-3424a-t-lte_firmware *
moxa uc-3434a-t-lte-wifi_firmware *
moxa uc-4414a-i-t_firmware *
moxa uc-2222a-t-us_firmware *
moxa v2406c-wl7-t_firmware *
moxa uc-2222a-t-ap_firmware *
moxa uc-1222a_firmware *
moxa uc-8220-t-lx-us-s_firmware *
moxa uc-3430a-t-lte-wifi_firmware *
moxa uc-8220-t-lx-eu-s_firmware *
moxa v2406c-kl1-ct-t_firmware *
moxa v2406c-kl1-t_firmware *
moxa uc-4454a-t-5g_firmware *
moxa uc-2222a-t_firmware *
moxa v2406c-kl7-t_firmware *
moxa v2406c-wl1-t_firmware *
moxa v2406c-wl7-ct-t_firmware *
moxa uc-3420a-t-lte_firmware *
moxa v2406c-wl1-ct-t_firmware *
moxa uc-8210-t-lx-s_firmware *
moxa uc-8220-t-lx-ap-s_firmware *
CVE-2026-0715

Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use this information to access the bootloader menu via a serial interface.  Access to the bootloader menu does not allow full system takeover or privilege escalation. The bootloader enforces digital signature verification and only permits flashing of Moxa-signed images. As a result, an attacker cannot install malicious firmware or execute arbitrary code. The primary impact is limited to a potential temporary denial-of-service condition if a valid image is reflashed. Remote exploitation is not possible.

Products Affected

Vendor Product Version
moxa uc-4430a-t_firmware *
moxa uc-4434a-i-t_firmware *
moxa uc-2222a-t-eu_firmware *
moxa v2406c-wl5-t_firmware *
moxa v1202-ct-t_firmware *
moxa v2406c-kl3-t_firmware *
moxa v2406c-wl3-t_firmware *
moxa uc-4450a-t-5g_firmware *
moxa uc-8220-t-lx_firmware *
moxa v2406c-kl7-ct-t_firmware *
moxa v1222-ct-t_firmware *
moxa uc-4410a-t_firmware *
moxa v2406c-kl5-t_firmware *
moxa v1222-w-ct-t_firmware *
moxa uc-3424a-t-lte_firmware *
moxa uc-3434a-t-lte-wifi_firmware *
moxa uc-4414a-i-t_firmware *
moxa uc-2222a-t-us_firmware *
moxa v2406c-wl7-t_firmware *
moxa uc-2222a-t-ap_firmware *
moxa uc-1222a_firmware *
moxa uc-8220-t-lx-us-s_firmware *
moxa uc-3430a-t-lte-wifi_firmware *
moxa uc-8220-t-lx-eu-s_firmware *
moxa v2406c-kl1-ct-t_firmware *
moxa v2406c-kl1-t_firmware *
moxa uc-4454a-t-5g_firmware *
moxa uc-2222a-t_firmware *
moxa v2406c-kl7-t_firmware *
moxa v2406c-wl1-t_firmware *
moxa v2406c-wl7-ct-t_firmware *
moxa uc-3420a-t-lte_firmware *
moxa v2406c-wl1-ct-t_firmware *
moxa uc-8210-t-lx-s_firmware *
moxa uc-8220-t-lx-ap-s_firmware *