Moxa NPort IA5150A/IA5250A Series Improper Access Control (CVE-2020-27149)

By exploiting a vulnerability in NPort IA5150A/IA5250A Series before version 1.5, a user with Read Only privilege level can send requests via the web console to have the device's configuration changed. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-o...

Design/Logic Flaw

By exploiting a vulnerability in NPort IA5150A/IA5250A Series before version 1.5, a user with “Read Only” privilege level can send requests via the web console to have the device’s configuration changed...

CVE-2020-27149

CVE-2020-27149 affects MOXA NPort IA5150A/IA5250A Series prior to firmware 1.5. The root cause is an improper access control that lets a Read-Only user send requests via the web console to modify device configuration. Impact is device configuration changes with no conf confidentiality or availabi...

Moxa NPort IA5150A Series Sensitive Information Explicit Transmission Vulnerability

The Moxa NPort IA5150A Series is a set of industrial control device servers.The Moxa NPort IA5150A Series is vulnerable to the transfer of sensitive information in clear text, allowing remote attackers to exploit the vulnerability to submit special requests that can obtain sensitive information...

Moxa NPort IA5150A Series Credential Explicit Storage Vulnerability

Moxa NPort IA5150A Series is a set of industrial control device servers.The Moxa NPort IA5150A Series is vulnerable to a credential plaintext storage vulnerability, which can be exploited by remote attackers to submit ad hoc requests that can obtain sensitive information...