55 matches found
EUVD-2019-16077
Malware in sbrugna...
EUVD-2019-16118
Malware in sbrugna...
EUVD-2019-16081
Malware in sbrugna...
EUVD-2019-16116
Malware in sbrugna...
EUVD-2019-16124
Malware in sbrugna...
EUVD-2019-16083
Malware in sbrugna...
EUVD-2019-16079
Malware in sbrugna...
EUVD-2019-16122
Malware in sbrugna...
EUVD-2019-16120
Malware in sbrugna...
Moxa IKS, EDS Improper Neutralization of Input During Web Page Generation (CVE-2019-6565)
Moxa IKS and EDS fails to properly validate user input, giving unauthenticated and authenticated attackers the ability to perform XSS attacks, which may be used to send a malicious script. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Moxa IKS, EDS Improper Restriction of Excessive Authentication Attempts (CVE-2019-6524)
Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to discover passwords via brute force attack. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Default credentials
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...
CVE-2019-6526
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...
The vulnerability of the microprogramming software of the Moxa IKS-G6824A switch allows a intruder to gain unauthorized access to the device.
The vulnerability of the Moxa IKS-G6824A switch’s microprogramming software is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to the device...
The vulnerability of the microprogramming software of the Moxa IKS-G6824A switch allows a intruder to execute arbitrary code.
The vulnerability of Moxa IKS-G6824A microcontroller-based software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the microprogramming software of the Moxa IKS-G6824A switch allows a intruder to gain unauthorized access to the device.
The vulnerability of Moxa IKS-G6824A microcontroller-based software is related to insufficient verification of the authenticity of executed requests. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to the device...
The vulnerability of the microprogramming software of the Moxa IKS-G6824A switch allows a intruder to perform a cross-site scripting attack.
The vulnerability of the Moxa IKS-G6824A switch’s microprogramming software is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform a cross-site scripting attack remotely...
The vulnerability of the microprogramming software used in Moxa EDS and IKS switches allows a intruder to gain unauthorized access to protected information.
The vulnerability of Moxa EDS and IKS microcontroller software lies in the use of a predictable cookie file during hashing. Exploiting this vulnerability allows an attacker operating remotely to gain unauthorized access to protected information...
CVE-2019-6524
CVE-2019-6524 affects Moxa IKS/EDS industrial switches. The ICS advisory (ICSA-19-057-01) and Tenable plugin summarize brute-force style failures allowing password discovery via excessive authentication attempts. Affected products include IKS-G6824A series (versions 5.6 and earlier) and EDS serie...
CVE-2019-6559
Moxa IKS and EDS allow remote authenticated users to cause a denial of service via a specially crafted packet, which may cause the switch to crash...