Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moxa vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4694
Moxa EDR-G903 series routers with firmware prior to 2.11 do not use a sufficient source of entropy for (1) SSH and (2) SSL keys, which makes it easier for man-in-the-middle malicious users to spoof a device or modify a client-server data stream by leveraging knowledge of a key fr...
Moxa Edr G903 Firmware
Moxa Edr G903 Firmware 2.1
Moxa Edr G903 Firmware 2.0
Moxa Edr G903 Firmware 1.0
Moxa Edr-g903 -
8.8
CVSSv3
CVE-2016-2285
Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmwar...
Moxa Miineport E2 1242 Firmware 1.1
Moxa Miineport E2 4561 Firmware 1.1
Moxa Miineport E1 7080 Firmware 1.1.10
Moxa Miineport E3 Firmware 1.0
Moxa Miineport E1 4641 Firmware 1.1.10
7.5
CVSSv3
CVE-2016-2286
Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with...
Moxa Miineport E2 1242 Firmware 1.1
Moxa Miineport E1 7080 Firmware 1.1.10
Moxa Miineport E2 4561 Firmware 1.1
Moxa Miineport E3 Firmware 1.0
Moxa Miineport E1 4641 Firmware 1.1.10
7.5
CVSSv3
CVE-2016-2295
Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with...
Moxa Miineport E2 1242 Firmware 1.1
Moxa Miineport E1 4641 Firmware 1.1.10
Moxa Miineport E2 4561 Firmware 1.1
Moxa Miineport E3 Firmware 1.0
Moxa Miineport E1 7080 Firmware 1.1.10
7.5
CVSSv3
CVE-2016-9344
An issue exists in Moxa MiiNePort E1 versions before 1.8, E2 versions before 1.4, and E3 versions before 1.1. An attacker may be able to brute force an active session cookie to be able to download configuration files.
Moxa Miineport E1 Firmware
Moxa Miineport E2 Firmware
Moxa Miineport E3 Firmware
5.3
CVSSv3
CVE-2016-9346
An issue exists in Moxa MiiNePort E1 versions before 1.8, E2 versions before 1.4, and E3 versions before 1.1. Configuration data are stored in a file that is not encrypted.
Moxa Miineport E1 Firmware
Moxa Miineport E2 Firmware
Moxa Miineport E3 Firmware
6.5
CVSSv3
CVE-2020-27149
By exploiting a vulnerability in NPort IA5150A/IA5250A Series before version 1.5, a user with “Read Only” privilege level can send requests via the web console to have the device’s configuration changed.
Moxa Nport Ia5150a Firmware
Moxa Nport Ia5250a Firmware
Moxa Nport Ia5450a Firmware
5.9
CVSSv3
CVE-2020-27184
The NPort IA5000A Series devices use Telnet as one of the network device management services. Telnet does not support the encryption of client-server communications, making it vulnerable to Man-in-the-Middle attacks.
Moxa Nport Ia5150a Firmware
Moxa Nport Ia5250a Firmware
Moxa Nport Ia5450a Firmware
7.5
CVSSv3
CVE-2020-27150
In multiple versions of NPort IA5000A Series, the result of exporting a device’s configuration contains the passwords of all users on the system and other sensitive data in the original form if “Pre-shared key” doesn’t set.
Moxa Nport Ia5150a Firmware
Moxa Nport Ia5250a Firmware
Moxa Nport Ia5450a Firmware
7.5
CVSSv3
CVE-2020-27185
Cleartext transmission of sensitive information via Moxa Service in NPort IA5000A series serial devices. Successfully exploiting the vulnerability could enable malicious users to read authentication data, device configuration, and other sensitive data transmitted over Moxa Servic...
Moxa Nport Ia5150a Firmware
Moxa Nport Ia5250a Firmware
Moxa Nport Ia5450a Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »