27 matches found
EUVD-2015-6407
Malware in sbrugna...
EUVD-2015-6405
Malware in sbrugna...
The vulnerability in the embedded web server software of GoAhead’s Ethernet switch microprogramming systems of the Moxa EDS-405A and Moxa EDS-408A series allows a intruder to cause service interruptions.
The vulnerability in the embedded web server software of GoAhead’s Ethernet switch microprogramming devices of the Moxa EDS-405A and Moxa EDS-408A series is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the administrative web interface of the Microprogrammable Ethernet switches from the Moxa EDS-405A and Moxa EDS-408A series allows attackers to circumvent security restrictions and gain increased privileges.
The vulnerability of the administrative web interface of Microprogramming Software for Ethernet switches of the Moxa EDS-405A and Moxa EDS-408A series is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain...
Moxa IKS, EDS Missing Encryption of Sensitive Data (CVE-2019-6526)
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...
Moxa Switch EDS-408A Detection
Binary data 764386.prm...
CVE-2019-6526
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...
CVE-2019-6526
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...
Default credentials
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...
CVE-2019-6526
CVE-2019-6526 affects Moxa IKS-G6824A (v5.6 and prior) and EDS-405A/408A/510A (v3.8 and prior). The root cause is plaintext transmission of sensitive data, enabling potential capture of credentials such as an administrative password. Remediation per sources: apply firmware patches and consider co...
CVE-2019-6526
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...
Moxa IKS and EDS ICSA-19-057-01 Multiple Security Vulnerabilities
Description Moxa IKS and EDS are prone to following security vulnerabilities: 1. A cross-site-scripting vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. A security vulnerability 4. An information disclosure vulnerability 5. A cross-site request-forgery vulnerability 6...
PT-2017-3772 · Moxa · Moxa Eds-405A +3
Name of the Vulnerable Software and Affected Versions: Moxa EDS-405A versions affected versions not specified Moxa EDS-408A versions affected versions not specified Moxa EDS-510A versions affected versions not specified Moxa IKS versions affected versions not specified Description: The issue is...
Moxa EDS-405A/408A < 3.6 Multiple Vulnerabilities
Moxa EDS-405A and EDS-408A devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX =...
CVE-2015-6465
The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to cause a denial of service reboot via a crafted URL...
Code injection
The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to cause a denial of service reboot via a crafted URL...
Cross site scripting
Cross-site scripting XSS vulnerability in the Diagnosis Ping feature in the administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote attackers to inject arbitrary web script or HTML via an unspecified field...
CVE-2015-6464
CVE-2015-6464 affects Moxa EDS-405A/EDS-408A switches. The administrative web interface contains an improper privilege management flaw that lets remote authenticated users bypass the read-only protection via a Firefox web developer plugin. Impact: elevation of privileges (read/write where only re...
CVE-2015-6466
Cross-site scripting XSS vulnerability in the Diagnosis Ping feature in the administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote attackers to inject arbitrary web script or HTML via an unspecified field...
CVE-2015-6465
The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to cause a denial of service reboot via a crafted URL...