MoxaCVEs & Vulnerabilities

287 CVEs affecting Moxa products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

awk-3131a firmware 31awk-3131a 28edr-810 firmware 21edr-810 21nport 5110 firmware 15awk-3121 14nport 5110 14awk-3121 firmware 14
CVE-2018-10702HIGH

An issue was discovered on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "iw_filename" is susceptible to command injection via shell metacharacters.

7 Jun 2019
8.8
CVSS
CVE-2018-10701HIGH

An issue was discovered on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "iw_filename" is susceptible to buffer overflow. By crafting a packet that contains a string of 162 characters, it is possible for an attacker to execute the attack.

7 Jun 2019
8.8
CVSS
CVE-2018-10700MEDIUM

An issue was discovered on Moxa AWK-3121 1.19 devices. It provides functionality so that an administrator can change the name of the device. However, the same functionality allows an attacker to execute XSS by injecting an XSS payload. The POST parameter "iw_board_deviceName" is susceptible to this injection.

7 Jun 2019
6.1
CVSS
CVE-2018-10699HIGH

An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides certfile upload functionality so that an administrator can upload a certificate file used for connecting to the wireless network. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "iw_privatePass" is susceptible to this injection. By crafting a packet that contains shell metacharacters, it is possible for an attacker to execute the attack.

7 Jun 2019
8.8
CVSS
CVE-2018-10698CRITICAL

An issue was discovered on Moxa AWK-3121 1.14 devices. The device enables an unencrypted TELNET service by default. This allows an attacker who has been able to gain an MITM position to easily sniff the traffic between the device and the user. Also an attacker can easily connect to the TELNET daemon using the default credentials if they have not been changed by the user.

7 Jun 2019
9.8
CVSS
CVE-2018-10697HIGH

An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides ping functionality so that an administrator can execute ICMP calls to check if the network is working correctly. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "srvName" is susceptible to this injection. By crafting a packet that contains shell metacharacters, it is possible for an attacker to execute the attack.

7 Jun 2019
8.8
CVSS
CVE-2018-10696HIGH

An issue was discovered on Moxa AWK-3121 1.14 devices. The device provides a web interface to allow an administrator to manage the device. However, this interface is not protected against CSRF attacks, which allows an attacker to trick an administrator into executing actions without his/her knowledge, as demonstrated by the forms/iw_webSetParameters and forms/webSetMainRestart URIs.

7 Jun 2019
8.8
CVSS
CVE-2018-10695HIGH

An issue was discovered on Moxa AWK-3121 1.14 devices. It provides alert functionality so that an administrator can send emails to his/her account when there are changes to the device's network. However, the same functionality allows an attacker to execute commands on the device. The POST parameters "to1,to2,to3,to4" are all susceptible to buffer overflow. By crafting a packet that contains a string of 678 characters, it is possible for an attacker to execute the attack.

7 Jun 2019
8.8
CVSS
CVE-2018-10694HIGH

An issue was discovered on Moxa AWK-3121 1.14 devices. The device provides a Wi-Fi connection that is open and does not use any encryption mechanism by default. An administrator who uses the open wireless connection to set up the device can allow an attacker to sniff the traffic passing between the user's computer and the device. This can allow an attacker to steal the credentials passing over the HTTP connection as well as TELNET traffic. Also an attacker can MITM the response and infect a user's computer very easily as well.

7 Jun 2019
8.1
CVSS
CVE-2018-10693HIGH

An issue was discovered on Moxa AWK-3121 1.14 devices. It provides ping functionality so that an administrator can execute ICMP calls to check if the network is working correctly. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "srvName" is susceptible to a buffer overflow. By crafting a packet that contains a string of 516 characters, it is possible for an attacker to execute the attack.

7 Jun 2019
8.8
CVSS
CVE-2018-10692MEDIUM

An issue was discovered on Moxa AWK-3121 1.14 devices. The session cookie "Password508" does not have an HttpOnly flag. This allows an attacker who is able to execute a cross-site scripting attack to steal the cookie very easily.

7 Jun 2019
6.1
CVSS
CVE-2018-10691HIGH

An issue was discovered on Moxa AWK-3121 1.14 devices. It is intended that an administrator can download /systemlog.log (the system log). However, the same functionality allows an attacker to download the file without any authentication or authorization.

7 Jun 2019
7.5
CVSS
CVE-2018-10690HIGH

An issue was discovered on Moxa AWK-3121 1.14 devices. The device by default allows HTTP traffic thus providing an insecure communication mechanism for a user connecting to the web server. This allows an attacker to sniff the traffic easily and allows an attacker to compromise sensitive data such as credentials.

7 Jun 2019
8.1
CVSS
CVE-2019-6526CRITICAL

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative password.

15 Apr 2019
9.8
CVSS
CVE-2015-6458HIGH

Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability.

21 Mar 2019
8.8
CVSS
CVE-2015-6457HIGH

Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability.

21 Mar 2019
8.8
CVSS
CVE-2016-5819MEDIUM

Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G3151/G3211/G3251 Series, editions prior to Version 1.7 allows a reflected cross-site scripting attack which may allow an attacker to execute arbitrary script code in the user’s browser within the trust relationship between their browser and the server.

21 Mar 2019
6.1
CVSS
CVE-2019-6565MEDIUM

Moxa IKS and EDS fails to properly validate user input, giving unauthenticated and authenticated attackers the ability to perform XSS attacks, which may be used to send a malicious script.

5 Mar 2019
6.1
CVSS
CVE-2019-6563CRITICAL

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the device.

5 Mar 2019
9.8
CVSS
CVE-2019-6561HIGH

Cross-site request forgery has been identified in Moxa IKS and EDS, which may allow for the execution of unauthorized actions on the device.

5 Mar 2019
8.8
CVSS
CVE-2019-6559MEDIUM

Moxa IKS and EDS allow remote authenticated users to cause a denial of service via a specially crafted packet, which may cause the switch to crash.

5 Mar 2019
6.5
CVSS
CVE-2019-6557CRITICAL

Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code execution.

5 Mar 2019
9.8
CVSS
CVE-2019-6524CRITICAL

Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to discover passwords via brute force attack.

5 Mar 2019
9.8
CVSS
CVE-2019-6522CRITICAL

Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device reboot.

5 Mar 2019
9.1
CVSS
CVE-2019-6520HIGH

Moxa IKS and EDS does not properly check authority on server side, which results in a read-only user being able to perform arbitrary configuration changes.

5 Mar 2019
7.5
CVSS
CVE-2019-6518HIGH

Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by someone with access to the device.

5 Mar 2019
7.5
CVSS
CVE-2018-19660HIGH

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. A specially crafted HTTP POST request to /goform/webSettingProfileSecurity can result in running OS commands as the root user.

7 Dec 2018
8.8
CVSS
CVE-2018-19659HIGH

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. A specially crafted HTTP POST request to /goform/net_WebPingGetValue can result in running OS commands as the root user. This is similar to CVE-2017-12120.

7 Dec 2018
8.8
CVSS
CVE-2018-18396CRITICAL

Remote Code Execution in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

19 Oct 2018
9.8
CVSS
CVE-2018-18395CRITICAL

Hidden Token Access in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

19 Oct 2018
9.8
CVSS
CVE-2018-18394CRITICAL

Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

19 Oct 2018
9.8
CVSS
CVE-2018-18393CRITICAL

Password Management Issue in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

19 Oct 2018
9.8
CVSS
CVE-2018-18392HIGH

Privilege Escalation via Broken Access Control in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

19 Oct 2018
8.8
CVSS
CVE-2018-18391HIGH

User Privilege Escalation in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

19 Oct 2018
8.8
CVSS
CVE-2018-18390HIGH

User Enumeration in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

19 Oct 2018
7.5
CVSS
CVE-2018-16282HIGH

A command injection vulnerability in the web server functionality of Moxa EDR-810 V4.2 build 18041013 allows remote attackers to execute arbitrary OS commands with root privilege via the caname parameter to the /xml/net_WebCADELETEGetValue URI.

20 Sep 2018
8.8
CVSS
CVE-2018-10632HIGH

In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and prior, the amount of resources requested by a malicious actor are not restricted, allowing for a denial-of-service condition.

24 Jul 2018
7.5
CVSS
CVE-2017-14439HIGH

Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4001/tcp to trigger this vulnerability.

14 May 2018
7.5
CVSS
CVE-2017-14438HIGH

Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4000/tcp to trigger this vulnerability.

14 May 2018
7.5
CVSS
CVE-2017-14437HIGH

An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXA\_LOG.ini" without a cookie header to trigger this vulnerability.

14 May 2018
7.5
CVSS
CVE-2017-14436HIGH

An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXA\_CFG2.ini" without a cookie header to trigger this vulnerability.

14 May 2018
7.5
CVSS
CVE-2017-14435HIGH

An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXA\_CFG.ini" without a cookie header to trigger this vulnerability.

14 May 2018
7.5
CVSS
CVE-2017-14434HIGH

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the remoteNetmask0= parameter in the "/goform/net\_Web\_get_value" uri to trigger this vulnerability.

14 May 2018
8.8
CVSS
CVE-2017-14433HIGH

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the remoteNetwork0= parameter in the "/goform/net\_Web\_get_value" uri to trigger this vulnerability.

14 May 2018
8.8
CVSS
CVE-2017-14432HIGH

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the openvpnServer0_tmp= parameter in the "/goform/net\_Web\_get_value" uri to trigger this vulnerability.

14 May 2018
8.8
CVSS
CVE-2017-12129HIGH

An exploitable Weak Cryptography for Passwords vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. An attacker could intercept weakly encrypted passwords and could brute force them.

14 May 2018
8.0
CVSS
CVE-2017-12128HIGH

An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability.

14 May 2018
7.5
CVSS
CVE-2017-12127MEDIUM

A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4.1 build 17030317. An attacker with shell access could extract passwords in clear text from the device.

14 May 2018
4.4
CVSS