CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Moxa: >> Nport W2x50a Firmware >> 1.11 Security Vulnerabilities

CVE-2018-19659

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. A specially crafted HTTP POST request to /goform/net_WebPingGetValue can result in running OS commands as the root user. This is similar to CVE-2017-12120.

CVSS Score

8.8

EPSS Score

0.006

Published

2018-12-06

CVE-2018-19660

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. A specially crafted HTTP POST request to /goform/webSettingProfileSecurity can result in running OS commands as the root user.

CVSS Score

8.8

EPSS Score

0.005

Published

2018-12-06

Page 1

Vulnerabilities

Vulnerable Software

Moxa: >> Nport W2x50a Firmware >> 1.11 Security Vulnerabilities

Products

Pricing

Contact Us