12 matches found
Moxa IKS, EDS Missing Encryption of Sensitive Data (CVE-2019-6526)
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...
Moxa Switch IKS-G6824A Detection
Binary data 764388.prm...
CVE-2019-6526
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...
CVE-2019-6526
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...
Default credentials
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...
CVE-2019-6526
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...
CVE-2019-6526
CVE-2019-6526 affects Moxa IKS-G6824A (v5.6 and prior) and EDS-405A/408A/510A (v3.8 and prior). The root cause is plaintext transmission of sensitive data, enabling potential capture of credentials such as an administrative password. Remediation per sources: apply firmware patches and consider co...
The vulnerability of the microprogramming software of the Moxa IKS-G6824A switch allows a intruder to gain unauthorized access to the device.
The vulnerability of the Moxa IKS-G6824A switch’s microprogramming software is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to the device...
The vulnerability of the microprogramming software of the Moxa IKS-G6824A switch allows a intruder to execute arbitrary code.
The vulnerability of Moxa IKS-G6824A microcontroller-based software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the microprogramming software of the Moxa IKS-G6824A switch allows a intruder to gain unauthorized access to the device.
The vulnerability of Moxa IKS-G6824A microcontroller-based software is related to insufficient verification of the authenticity of executed requests. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to the device...
The vulnerability of the microprogramming software of the Moxa IKS-G6824A switch allows a intruder to perform a cross-site scripting attack.
The vulnerability of the Moxa IKS-G6824A switch’s microprogramming software is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform a cross-site scripting attack remotely...
Moxa IKS and EDS ICSA-19-057-01 Multiple Security Vulnerabilities
Description Moxa IKS and EDS are prone to following security vulnerabilities: 1. A cross-site-scripting vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. A security vulnerability 4. An information disclosure vulnerability 5. A cross-site request-forgery vulnerability 6...