Shodan
Vulnerabilities
Vulnerable Software
Moxa:  Security Vulnerabilities
CVE-2020-6981
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, an attacker may gain access to the system without proper authentication.
CVSS Score
9.8
EPSS Score
0.003
Published
2020-03-24
CVE-2020-6993
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, an attacker can gain access to sensitive information from the web service without authorization.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-03-24
CVE-2020-6995
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the application utilizes weak password requirements, which may allow an attacker to gain unauthorized access.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-03-24
CVE-2020-6985
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, these devices use a hard-coded service code for access to the console.
CVSS Score
9.8
EPSS Score
0.003
Published
2020-03-24
CVE-2020-6983
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a hard-coded cryptographic key, which increases the possibility that confidential data can be recovered.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-03-24
CVE-2020-6987
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed.
CVSS Score
7.5
EPSS Score
0.001
Published
2020-03-24
CVE-2020-6989
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, a buffer overflow in the web server allows remote attackers to cause a denial-of-service condition or execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.014
Published
2020-03-24
CVE-2020-7003
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is transmitted over some web applications in clear text.
CVSS Score
7.5
EPSS Score
0.001
Published
2020-03-24
CVE-2019-18242
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, frequent and multiple requests for short-term use may cause the web server to fail.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-03-24
CVE-2019-9102
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A predictable mechanism of generating tokens allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-03-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved