Talos Moxa
19 CVEs affecting Talos Moxa. Latest disclosed: 2018-05-14. Critical: 2, High: 15.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-14459 | Critical | 10.0 | 2018-04-11 | An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wi… |
CVE-2016-8717 | Critical | 9.8 | 2018-04-02 | An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system… |
CVE-2017-14434 | High | 8.8 | 2018-05-14 | An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can ca… |
CVE-2017-14433 | High | 8.8 | 2018-05-14 | An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can ca… |
CVE-2017-14432 | High | 8.8 | 2018-05-14 | An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can ca… |
CVE-2017-12126 | High | 8.8 | 2018-05-14 | An exploitable cross-site request forgery vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP pa… |
CVE-2017-12125 | High | 8.8 | 2018-05-14 | An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can ca… |
CVE-2017-12123 | High | 8.8 | 2018-05-14 | An exploitable clear text transmission of password vulnerability exists in the web server and telnet functionality of Moxa EDR-810 V4.1 build 17030317. An atta… |
CVE-2017-12121 | High | 8.8 | 2018-05-14 | An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can ca… |
CVE-2017-12120 | High | 8.8 | 2018-05-14 | An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can ca… |
CVE-2017-12129 | High | 8.0 | 2018-05-14 | An exploitable Weak Cryptography for Passwords vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. An attacker could inte… |
CVE-2017-14439 | High | 7.5 | 2018-05-14 | Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cau… |
CVE-2017-14438 | High | 7.5 | 2018-05-14 | Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cau… |
CVE-2017-14437 | High | 7.5 | 2018-05-14 | An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cau… |
CVE-2017-14436 | High | 7.5 | 2018-05-14 | An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cau… |
CVE-2017-14435 | High | 7.5 | 2018-05-14 | An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cau… |
CVE-2017-12128 | High | 7.5 | 2018-05-14 | An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packe… |
CVE-2017-12124 | Medium | 6.5 | 2018-05-14 | An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cau… |
CVE-2017-12127 | Medium | 4.4 | 2018-05-14 | A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4.1 build 17030317. An attacker with shell access could extract… |