9 matches found
CVE-2023-4204
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate...
Moxa NPort IAW5000A-I/O Series Serial Device Server Improper Input Validation (CVE-2021-32970)
Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier, which may allow a remote attacker to cause denial-of-service conditions. This plugin only works with Tenable.ot. Please visit...
CVE-2021-32976 Moxa NPort IAW5000A-I/O Series Serial Device Server Stack-based Buffer Overflow
Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code...
CVE-2021-32968
CVE-2021-32968 affects Moxa NPort IAW5000A-I/O Series Serial Device Server firmware version 2.2 and earlier, where two buffer overflows in the built-in web server may allow a remote attacker to cause a denial-of-service. The vulnerability is documented across multiple sources (NVD, Red Hat, ICS-C...
CVE-2021-32968 Moxa NPort IAW5000A-I/O Series Serial Device Server Classic Buffer Overflow
Two buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O Series firmware version 2.2 or earlier may allow a remote attacker to cause a denial-of-service condition...
Rockwell Automation 1794-AENT Flex I/O Series B Buffer Copy Without Checking Size of Input (CVE-2020-6087)
An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen- Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious...
Moxa NPort IAW5000A-I/O Series Serial Device Server
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: NPort IAW5000A-I/O Series Wireless Device Server Vulnerabilities: Classic Buffer Overflow, Stack-based Buffer Overflow, Improper Input Validation, OS Command Injection 2. RISK EVALUATION...
MOXA NPort IAW5000A-I/O Series
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: MOXA Equipment: NPort IAW5000A-I/O Series Vulnerabilities: Session Fixation, Improper Privilege Management, Weak Password Requirements, Cleartext Transmission of Sensitive Information, Improper...
The software vulnerabilities of the NPort IAW5000A-I/O Series web servers, related to weak password requirements, allow attackers to compromise user credentials.
The vulnerability of the NPort IAW5000A-I/O Series web server software is related to weak password requirements. Exploiting this vulnerability could allow a malicious actor to compromise user credentials remotely...