Moxa EDS-G516E and EDS-510E Series Ethernet Switches Use of Hard-Coded Credentials (CVE-2020-6981)

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, an attacker may gain access to the system without proper authentication. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Moxa EDS-G516E and EDS-510E Series Ethernet Switches Weak Password Requirements (CVE-2020-6991)

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak password requirements may allow an attacker to gain access using brute force. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Moxa EDS-G516E and EDS-510E Series Ethernet Switches Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-7001)

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Moxa EDS-G516E and EDS-510E Series Ethernet Switches Stack-Based Buffer Overflow (CVE-2020-7007)

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker may execute arbitrary codes or target the device, causing it to go out of service. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

Moxa EDS-G516E and EDS-510E Series Ethernet Switches Cleartext Transmission of Sensitive Information (CVE-2020-6997)

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, sensitive information is transmitted over some web applications in cleartext. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Moxa EDS-G516E and EDS-510E series buffer overflow vulnerability (CNVD-2020-13515)

Moxa EDS-G516E and EDS-510E series are both Ethernet switches manufactured by Moxa. A buffer overflow vulnerability exists in the Moxa EDS-G516E and EDS-510E series, which can be exploited by an attacker to execute arbitrary code or cause a denial of service...

Moxa EDS-G516E and EDS-510E series hard-coded vulnerabilities

Moxa EDS-G516E and EDS-510E series are both Ethernet switches manufactured by Moxa. A hard-coded vulnerability exists in the Moxa EDS-G516E and EDS-510E series, which can be exploited by an attacker to recover confidential data...

Moxa EDS-G516E and EDS-510E series weak cryptographic algorithm vulnerability

Moxa EDS-G516E and EDS-510E series are both Ethernet switches manufactured by Moxa. A weak cryptographic algorithm vulnerability exists in the Moxa EDS-G516E and EDS-510E series, which can be exploited by attackers to obtain sensitive information...

Moxa EDS-G516E and EDS-510E series hard credential vulnerability

Moxa EDS-G516E and EDS-510E series are both Ethernet switches manufactured by Moxa. A hard credential vulnerability exists in the Moxa EDS-G516E and EDS-510E series, which can be exploited by an attacker to gain access to the system without proper authentication...

Moxa EDS-G516E and EDS-510E series weak password vulnerability

Moxa EDS-G516E and EDS-510E series are both Ethernet switches manufactured by Moxa. A weak password vulnerability exists in the Moxa EDS-G516E and EDS-510E series, which can be exploited by attackers to obtain sensitive information...

Moxa EDS-G516E and EDS-510E Series Ethernet Switches

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: EDS-G516E series, and EDS-510E series Vulnerabilities: Stack-based Buffer Overflow, Use of a Broken or Risky Cryptographic Algorithm, Use of Hard-coded Cryptographic Key, Use of...

The vulnerability of the microprogrammed software of Moxa EDS-G516E and Moxa EDS-510E switches lies in the lack of restrictions on excessive authentication attempts, allowing a hacker to gain full access to the system.

The vulnerability of the microprogramming software of Moxa EDS-G516E and Moxa EDS-510E switches lies in the lack of restrictions on excessive authentication attempts. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain full access to the system by brute-forcing the...

The vulnerability of the SwitchDHCPSetting component within the embedded web-server software of Moxa EDS-G516E and Moxa EDS-510E switches allows a perpetrator to cause service interruptions.

The vulnerability of the SwitchDHCPSetting component within the embedded web-server software of Moxa EDS-G516E and Moxa EDS-510E switches is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures by modifying the...

The vulnerability of the dot1xRadiusServerSetting function in the embedded web server of the Moxa EDS-G516E and Moxa EDS-510E microcontroller software allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the dot1xRadiusServerSetting function in the embedded web server of the Moxa EDS-G516E and Moxa EDS-510E microcontroller software systems is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a...

The vulnerability of the PTPSettingEnable component in the embedded web-server software of Moxa EDS-G516E and Moxa EDS-510E switches allows a hacker to cause a service failure.

The vulnerability of the PTPSettingEnable component in the embedded web-server software of Moxa EDS-G516E and Moxa EDS-510E switches is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to cause service interruptions by modifying the configuration file remote...

The vulnerability of the microprogrammed software of Moxa EDS-G516E and Moxa EDS-510E switches, which is related to the default use of the HTTP protocol, allows attackers to intercept administrator credentials and other confidential information, thereby gaining access to the control system.

The vulnerability of the microprogrammed software of Moxa EDS-G516E and Moxa EDS-510E switches is related to the default use of the HTTP protocol in implementing the “Basic HTTP Authentication” method. Exploiting this vulnerability allows a malicious actor to remotely intercept administrator...