9 matches found
Code injection
Password Management Issue in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1...
CVE-2018-18393
Password Management Issue in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1...
CVE-2018-18392
Privilege Escalation via Broken Access Control in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1...
CVE-2018-18390
User Enumeration in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1...
CVE-2018-18394
Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1...
CVE-2018-18395
Hidden Token Access in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1...
CVE-2018-18395
CVE-2018-18395 affects Moxa ThingsPro IIoT Gateway and Device Management Software Solutions v2.1. A vulnerability described as Hidden Token Access exists, with CNVD reporting that a remote attacker could gain root privileges and execute arbitrary code via a hidden API token. The CVE’s CVSS scores...
CVE-2018-18392
CVE-2018-18392 describes a privilege escalation due to broken access control in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions, version 2.1. Affected component is the ThingsPro product suite; the root cause is improper access control allowing elevation of privileges. Impact ...
CVE-2018-18392
Privilege Escalation via Broken Access Control in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1...