Latest Moxa Vulnerabilities

CVE-2023-6094
OnCell G3150A-LTE Series: Web Server Transmits Cleartext Credentials
Moxa Oncell G3150a-lte Firmware<=1.3
Moxa Oncell G3150a-lte
CVE-2023-6093
OnCell G3150A-LTE Series: Clickjacking Vulnerability
Moxa Oncell G3150a-lte Firmware<=1.3
Moxa Oncell G3150a-lte
CVE-2023-5962
ioLogik E1200 Series: Weak Cryptographic Algorithm Vulnerability
Moxa Iologik E1210 Firmware<3.3
Moxa ioLogik E1210
Moxa Iologik E1211 Firmware<3.3
Moxa Iologik E1211
Moxa Iologik E1212 Firmware<3.3
Moxa Iologik E1212
and 14 more
CVE-2023-5961
ioLogik E1200 Series: Cross-Site Request Forgery (CSRF) Vulnerability
Moxa Iologik E1210 Firmware<3.3
Moxa ioLogik E1210
Moxa Iologik E1211 Firmware<3.3
Moxa Iologik E1211
Moxa Iologik E1212 Firmware<3.3
Moxa Iologik E1212
and 14 more
CVE-2023-5035
Cookie Without Secure Flag
Moxa Eds-g503 Firmware<5.2
Moxa Eds-g503
CVE-2023-4217
Session cookies attribute not set properly
Moxa Eds-g503 Firmware<5.2
Moxa Eds-g503
CVE-2023-5627
Incorrect Implementation of Authentication Algorithm Vulnerability
Moxa Nport 6150-t Firmware<=1.21
Moxa Nport 6150-t
Moxa Nport 6150 Firmware<=1.21
Moxa Nport 6150
Moxa Nport 6250-m-sc-t Firmware<=1.21
Moxa Nport 6250-m-sc-t
and 48 more
CVE-2023-4929
All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgra...
Moxa Nport 5150ai-m12-ct-t Firmware<=1.5
Moxa Nport 5150ai-m12-ct-t
Moxa Nport 5250ai-m12-ct-t Firmware<=1.5
Moxa Nport 5250ai-m12-ct-t
Moxa Nport 5150ai-m12-t Firmware<=1.5
Moxa Nport 5150ai-m12-t
and 248 more
CVE-2023-39983
A vulnerability that poses a potential risk of polluting the MXsecurity sqlite database and the nsm-web UI has been identified in MXsecurity versions prior to v1.0.1. This vulnerability might allow an...
Moxa Mxsecurity<=1.0.1
CVE-2023-39980
A vulnerability that allows the unauthorized disclosure of authenticated information has been identified in MXsecurity versions prior to v1.0.1. This vulnerability arises when special elements are not...
Moxa Mxsecurity<=1.0.1
CVE-2023-39982
A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vulne...
Moxa Mxsecurity<=1.0.1
CVE-2023-39981
A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions prior to v1.0.1. This vulnerability arises from inadequate authentication measures, potentially leading t...
Moxa Mxsecurity<=1.0.1
CVE-2023-39979
There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. A remote attacker might access the system if the web service authenticator has insufficie...
Moxa Mxsecurity<1.1.0
CVE-2023-4230
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which has the potential to facilitate the collection of information on ioLogik 4000 Series ...
Moxa Iologik E4200 Firmware<=1.6
Moxa Iologik E4200
CVE-2023-4229
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, potentially exposing users to security risks. This vulnerability may allow attackers to tri...
Moxa Iologik E4200 Firmware<=1.6
Moxa Iologik E4200
CVE-2023-4228
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, where the session cookies attribute is not set properly in the affected application. The vu...
Moxa Iologik E4200 Firmware<=1.6
Moxa Iologik E4200
CVE-2023-4227
A vulnerability has been identified in the ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to t...
Moxa Iologik E4200 Firmware<=1.6
Moxa Iologik E4200
CVE-2023-34216
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability derives from insufficien...
Moxa Tn-5900 Firmware<=3.3
Moxa TN-5900
Moxa Tn-4900 Firmware<=1.2.4
Moxa Tn-4900
CVE-2023-34217
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient ...
Moxa Tn-5900 Firmware<=3.3
Moxa TN-5900
Moxa Tn-4900 Firmware<=1.2.4
Moxa Tn-4900
CVE-2023-34215
TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the ce...
Moxa Tn-5900 Firmware<=3.3
Moxa TN-5900
CVE-2023-33238
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from inadequate in...
Moxa Tn-5900 Firmware<=3.3
Moxa TN-5900
Moxa Tn-4900 Firmware<=1.2.4
Moxa Tn-4900
CVE-2023-34214
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient ...
Moxa Tn-5900 Firmware<=3.3
Moxa TN-5900
Moxa Tn-4900 Firmware<=1.2.4
Moxa Tn-4900
CVE-2023-34213
TN-5900 Series firmware versions v3.3 and prior are vulnerable to command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the key-ge...
Moxa Tn-5900 Firmware<=3.3
Moxa TN-5900
CVE-2023-33239
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from insufficient ...
Moxa Tn-5900 Firmware<=3.3
Moxa TN-5900
Moxa Tn-4900 Firmware<=1.2.4
Moxa Tn-4900
CVE-2023-33237
TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication vulnerability. This vulnerability arises from inadequate authentication measures implemented in the web API hand...
Moxa Tn-5900 Firmware<=3.3
Moxa TN-5900
CVE-2023-4204
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vul...
Moxa Nport Iaw5000a-i\/o Firmware<=2.2
Moxa Nport Iaw5000a-i\/o
CVE-2023-3336
TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability. The vulnerability may allow a remote attacker to determine whether a user is valid during password recove...
Moxa Tn-5900 Firmware<=3.3
Moxa TN-5900
CVE-2023-33236
MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. This vulnerability has been reported that can be exploited to craft arbitrary JWT tokens and subsequently bypass authenticat...
Moxa Mxsecurity=1.0
CVE-2023-33235
MXsecurity version 1.0 is vulnearble to command injection vulnerability. This vulnerability has been reported in the SSH CLI program, which can be exploited by attackers who have gained authorization ...
Moxa Mxsecurity=1.0
CVE-2023-28697
Moxa MiiNePort E1 has a vulnerability of insufficient access control. An unauthenticated remote user can exploit this vulnerability to perform arbitrary system operation or disrupt service.
Moxa Miineport E1 Firmware=1.7.2
Moxa MiiNePort E1
CVE-2023-1257
An attacker with physical access to the affected Moxa UC Series devices can initiate a restart of the device and gain access to its BIOS. Command line options can then be altered, allowing the attacke...
Moxa Uc-2101-lx Firmware>=1.3<=1.5
Moxa Uc-2101-lx
Moxa Uc-2102-lx Firmware>=1.3<=1.5
Moxa Uc-2102-lx
Moxa Uc-2102-t-lx Firmware>=1.3<=1.5
Moxa Uc-2102-t-lx
and 103 more
CVE-2022-41313
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary J...
Moxa Sds-3008 Firmware<=2.1
Moxa SDS-3008
Moxa Sds-3008-t Firmware<=2.1
Moxa Sds-3008-t
CVE-2022-41311
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary J...
Moxa Sds-3008 Firmware<=2.1
Moxa SDS-3008
Moxa Sds-3008-t Firmware<=2.1
Moxa Sds-3008-t
CVE-2022-40693
A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted network sniffing can lead to a disclosure...
Moxa Sds-3008 Firmware<=2.1
Moxa SDS-3008
Moxa Sds-3008-t Firmware<=2.1
Moxa Sds-3008-t
CVE-2022-40691
An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to a disclosure of...
Moxa Sds-3008 Firmware<=2.1
Moxa SDS-3008
Moxa Sds-3008-t Firmware<=2.1
Moxa Sds-3008-t
CVE-2022-40224
A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP message header can lead to denial of service. ...
Moxa Sds-3008 Firmware<=2.1
Moxa SDS-3008
Moxa Sds-3008-t Firmware<=2.1
Moxa Sds-3008-t
CVE-2022-3086
Cradlepoint IBR600 NCOS versions 6.5.0.160bc2e and prior are vulnerable to shell escape, which enables local attackers with non-superuser credentials to gain full, unrestrictive shell access which may...
Moxa Uc-8580-t-lx Firmware=1.1
Moxa Uc-8580-t-lx
Moxa Uc-8580-t-ct-lx Firmware=1.1
Moxa Uc-8580-t-ct-lx
Moxa Uc-8580-t-q-lx Firmware=1.1
Moxa Uc-8580-t-q-lx
and 99 more
CVE-2022-3088
UC-8100A-ME-T System Image: Versions v1.0 to v1.6, UC-2100 System Image: Versions v1.0 to v1.12, UC-2100-W System Image: Versions v1.0 to v 1.12,&nbsp;UC-3100 System Image: Versions v1.0 to v1.6,&nbsp...
Moxa Uc-2101-lx Firmware>=1.0<=1.12
Moxa Uc-2101-lx
Moxa Uc-2102-lx Firmware>=1.0<=1.2
Moxa Uc-2102-lx
Moxa Uc-2104-lx Firmware>=1.0<=1.2
Moxa Uc-2104-lx
and 134 more
CVE-2022-2044
MOXA NPort 5110: Firmware Versions 2.10 is vulnerable to an out-of-bounds write that may allow an attacker to overwrite values in memory, causing a denial-of-service condition or potentially bricking ...
Moxa Nport 5110 Firmware=2.10
Moxa NPort 5110
CVE-2022-2043
Moxa Nport 5110 Firmware=2.10
Moxa NPort 5110
CVE-2022-27048
Moxa Mgate Mb3170i Firmware<=4.2
Moxa Mgate Mb3170i
Moxa Mgate Mb3170i-t Firmware<=4.2
Moxa Mgate Mb3170i-t
Moxa Mgate Mb3170-m-st Firmware<=4.2
Moxa Mgate Mb3170-m-st
and 34 more
CVE-2021-40392
An information disclosure vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. Network sniffing can lead to a disclosure of sensitive information. An attacker can sni...
Moxa MXview=3.2.4
CVE-2021-40390
Moxa MXview=3.2.4
CVE-2021-32968
Two buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O Series firmware version 2.2 or earlier may allow a remote attacker to cause a denial-of-service condition.
Moxa Nport Iaw5150a-6i\/o Firmware<=2.2
Moxa Nport Iaw5150a-6i\/o
Moxa Nport Iaw5150a-12i\/o Firmware<=2.2
Moxa Nport Iaw5150a-12i\/o
Moxa Nport Iaw5250a-6i\/o Firmware<=2.2
Moxa Nport Iaw5250a-6i\/o
and 2 more
CVE-2021-46082
Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause...
Moxa Tn-5916-wv-t Firmware<=3.1
Moxa Tn-5916-wv-t
Moxa Tn-5916-wv-ct-t Firmware<=3.1
Moxa Tn-5916-wv-ct-t
Moxa Mgate 5109 Firmware<=2.2
Moxa Mgate 5109
and 6 more
CVE-2021-4161
The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. This could give an attacker admin rights through the HTTP we...
Moxa Mgate Mb3180 Firmware<=2.2
MOXA Mgate MB3180
Moxa Mgate Mb3280 Firmware<=4.1
Moxa Mgate Mb3280
Moxa Mgate Mb3480 Firmware<=3.2
Moxa Mgate Mb3480
CVE-2021-38454
Moxa MXview>=3.0<=3.2.2
CVE-2021-38456
A use of hard-coded password vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to gain access through accounts using default passwords
Moxa MXview>=3.0<=3.2.2
CVE-2021-38458
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs o...
Moxa MXview>=3.0<=3.2.2
CVE-2021-39278
Certain MOXA devices allow reflected XSS via the Config Import menu. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3,...
Moxa Wac-2004 Firmware=1.7
Moxa Wac-2004
Moxa Wac-1001 Firmware=2.1
Moxa Wac-1001
Moxa Wac-1001-t Firmware=2.1
Moxa Wac-1001-t
and 18 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203