71 matches found
EUVD-2020-17889
Malware in sbrugna...
EUVD-2020-17844
Malware in sbrugna...
CVE-2021-32976
Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code...
CVE-2021-32968
Two buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O Series firmware version 2.2 or earlier may allow a remote attacker to cause a denial-of-service condition...
Moxa NPort IAW5000A-I/O Series Hardcoded Credentials (CVE-2023-4204)
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerability which poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate...
MOXA NPort IAW5000A-I/O Series Hard-Coded Credential Vulnerability
MOXA NPort IAW5000A-I/O Series is a wireless device server for use in industrial environments from MOXA, China. The server enables the integration of field serial devices with wireless Ethernet networks and incorporates digital IOs for industrial data acquisition applications. A hard-coded...
CVE-2023-4204
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate...
CVE-2023-4204
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate...
Hardcoded credentials
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate...
CVE-2023-4204 NPort IAW5000A-I/O Series Hardcoded Credential Vulnerability
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate...
CVE-2023-4204 NPort IAW5000A-I/O Series Hardcoded Credential Vulnerability
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate...
CVE-2023-4204
The CVE-2023-4204 entry applies to MOXA NPort IAW5000A-I/O Series devices. Affected firmware versions are v2.2 and prior. The vulnerability stems from a hardcoded credential (key) embedded in the device, which could potentially allow firmware manipulation and compromise of the device’s security a...
MOXA NPort IAW5000A-I/O Series 信任管理问题漏洞
MOXA NPort IAW5000A-I/O Series is a wireless device server for use in industrial environments from MOXA, China. The server enables the integration of field serial devices with wireless Ethernet networks and incorporates digital IOs for industrial data acquisition applications. A hard-coded...
MOXA NPort IAW5000A-I/O Series Weak Password Requirements (CVE-2020-25153)
The built-in web service for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower does not require users to have strong passwords. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Moxa NPort IAW5000A-I/O Series Serial Device Server Stack-Based Buffer Overflow (CVE-2021-32976)
Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code. This plugin only works with Tenable.ot. Please visit...
MOXA NPort IAW5000A-I/O Series Exposure of Sensitive Information to an Unauthorized Actor (CVE-2020-25192)
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows sensitive information to be displayed without proper authorization. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
MOXA NPort IAW5000A-I/O Series Improper Restriction of Excessive Authentication Attempts (CVE-2020-25196)
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows SSH/Telnet sessions, which may be vulnerable to brute force attacks to bypass authentication. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Moxa NPort IAW5000A-I/O Series Serial Device Server Improper Neutralization of Special Elements Used in an OS Command (CVE-2021-32974)
Improper input validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to execute commands. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
MOXA NPort IAW5000A-I/O Series Session Fixation (CVE-2020-25198)
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has incorrectly implemented protections from session fixation, which may allow an attacker to gain access to a session and hijack it by stealing the user's cookies. This plugin only works with Tenable.ot. Please vis...
Moxa NPort IAW5000A-I/O Series Serial Device Server Improper Input Validation (CVE-2021-32970)
Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier, which may allow a remote attacker to cause denial-of-service conditions. This plugin only works with Tenable.ot. Please visit...