EUVD-2015-6407

Malware in sbrugna...

EUVD-2015-6405

Malware in sbrugna...

Moxa IKS, EDS Missing Encryption of Sensitive Data (CVE-2019-6526)

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...

Denial of Service Vulnerability in MOXA EDS-405A Industrial Switch

The EDS-405A/408A series are 5-port and 8-port entry-level managed Ethernet switches designed for industrial applications. A denial-of-service vulnerability exists in the MOXA EDS-405A industrial switches, which can be exploited by an attacker to construct a special data message that can cause th...

Moxa Switch EDS-405A Detection

Binary data 764385.prm...

CVE-2019-6526

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...

CVE-2019-6526

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...

Default credentials

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...

CVE-2019-6526

CVE-2019-6526 affects Moxa IKS-G6824A (v5.6 and prior) and EDS-405A/408A/510A (v3.8 and prior). The root cause is plaintext transmission of sensitive data, enabling potential capture of credentials such as an administrative password. Remediation per sources: apply firmware patches and consider co...

CVE-2019-6526

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...

Moxa IKS and EDS ICSA-19-057-01 Multiple Security Vulnerabilities

Description Moxa IKS and EDS are prone to following security vulnerabilities: 1. A cross-site-scripting vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. A security vulnerability 4. An information disclosure vulnerability 5. A cross-site request-forgery vulnerability 6...

PT-2017-3772 · Moxa · Moxa Eds-405A +3

Name of the Vulnerable Software and Affected Versions: Moxa EDS-405A versions affected versions not specified Moxa EDS-408A versions affected versions not specified Moxa EDS-510A versions affected versions not specified Moxa IKS versions affected versions not specified Description: The issue is...

Moxa EDS-405A/408A < 3.6 Multiple Vulnerabilities

Moxa EDS-405A and EDS-408A devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX =...

CVE-2015-6465

The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to cause a denial of service reboot via a crafted URL...

Code injection

The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to cause a denial of service reboot via a crafted URL...

Cross site scripting

Cross-site scripting XSS vulnerability in the Diagnosis Ping feature in the administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote attackers to inject arbitrary web script or HTML via an unspecified field...

CVE-2015-6466

Cross-site scripting XSS vulnerability in the Diagnosis Ping feature in the administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote attackers to inject arbitrary web script or HTML via an unspecified field...

CVE-2015-6465

The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to cause a denial of service reboot via a crafted URL...

CVE-2015-6464

CVE-2015-6464 affects Moxa EDS-405A/EDS-408A switches. The administrative web interface contains an improper privilege management flaw that lets remote authenticated users bypass the read-only protection via a Firefox web developer plugin. Impact: elevation of privileges (read/write where only re...

CVE-2015-6464

The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to bypass a read-only protection mechanism by using Firefox with a web-developer plugin...