94 matches found
CVE-2021-33824
An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service...
EUVD-2021-20498
Malware in sbrugna...
EUVD-2021-20499
Malware in sbrugna...
EUVD-2019-18481
Malware in sbrugna...
EUVD-2016-6739
Malware in sbrugna...
EUVD-2019-18484
Malware in sbrugna...
EUVD-2022-31588
Malicious code in bioql PyPI...
CVE-2022-27048
A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle MITM attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 ...
CVE-2021-33823
An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service...
CVE-2020-8858
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Moxa MGate 5105-MB-EIP firmware version 4.1. Authentication is required to exploit this vulnerability. The specific flaw exists within the DestIP parameter within MainPing.asp. The issue results from...
The vulnerability of the Login Message function in the microprogrammed industrial Ethernet switches Moxa MGate allows a attacker to perform XSS attacks.
The vulnerability of the Login Message function in the microprogrammed industrial Ethernet switches Moxa MGate relates to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
Moxa MGate Authentication Bypass (CVE-2016-5804)
Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value. This plugin only works with...
Moxa MGate 5105-MB-EIP DestIP Command Injection Remote Code Execution (CVE-2020-8858)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Moxa MGate 5105-MB-EIP firmware version 4.1. Authentication is required to exploit this vulnerability. The specific flaw exists within the DestIP parameter within MainPing.asp. The issue results from...
The vulnerability of Moxa MGate industrial Ethernet switches’ microprogramming software is related to improper security requirements, allowing attackers to perform a “man-in-the-middle” attack.
The vulnerability of Microprogrammed Industrial Ethernet Switches Moxa MGate is related to incorrect security requirements. Exploiting this vulnerability can allow a remote attacker to execute a “Man-in-the-Middle” attack...
Vulnerability fixed in Moxa MGate
A vulnerability has been fixed in Moxa MGate. The vulnerability allows a malicious party to gain a man-in-the-middle MITM position on the vulnerable system. Moxa has released updates to fix the vulnerability. More information can be found on the page below:...
CVE-2022-27048
A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle MITM attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 ...
CVE-2022-27048
A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle MITM attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 ...
Design/Logic Flaw
A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle MITM attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 ...
CVE-2022-27048
CVE-2022-27048 affects Moxa MGate protocol gateways (MB3170, MB3270, MB3280, MB3480) with firmware versions at or below 4.2/4.1/3.2 depending on model, where a MITM vulnerability is possible via network-facing components. The issue is described as enabling a man-in-the-middle attack on vulnerable...
CVE-2022-27048
A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle MITM attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 ...