Moxa Mxsecurity Series
10 CVEs affecting Moxa Mxsecurity Series. Latest disclosed: 2025-12-10. Critical: 2, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-39979 | Critical | 9.8 | 2023-09-02 | There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. A remote attacker might access the system if the… |
CVE-2023-33236 | Critical | 9.8 | 2023-05-22 | MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. This vulnerability has been reported that can be exploited to craft arbitrary JWT t… |
CVE-2023-39982 | High | 7.5 | 2023-09-02 | A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications a… |
CVE-2023-39981 | High | 7.5 | 2023-09-02 | A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions prior to v1.0.1. This vulnerability arises from inadequate authe… |
CVE-2023-33235 | High | 7.2 | 2023-05-22 | MXsecurity version 1.0 is vulnearble to command injection vulnerability. This vulnerability has been reported in the SSH CLI program, which can be exploited by… |
CVE-2023-39980 | High | 7.1 | 2023-09-02 | A vulnerability that allows the unauthorized disclosure of authenticated information has been identified in MXsecurity versions prior to v1.0.1. This vulnerabi… |
CVE-2024-4740 | Medium | 5.3 | 2024-10-18 | MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded credentials. This vulnerability could allow an attacker to tamper… |
CVE-2024-4739 | Medium | 5.3 | 2024-10-18 | The lack of access restriction to a resource from unauthorized users makes MXsecurity software versions v1.1.0 and prior vulnerable. By acquiring a valid authe… |
CVE-2023-39983 | Medium | 5.3 | 2023-09-02 | A vulnerability that poses a potential risk of polluting the MXsecurity sqlite database and the nsm-web UI has been identified in MXsecurity versions prior to… |
CVE-2025-9315 | | 2025-12-10 | An unauthenticated device registration vulnerability, caused by Improperly Controlled Modification of Dynamically-Determined Object Attributes, has been identi… |