Lucene search
+L

163 matches found

CNNVD
CNNVD
added 2023/08/24 12:0 a.m.5 views

MOXA ioLogik 4000 Series 安全漏洞

MOXA ioLogik 4000 Series is a series of general-purpose controllers from China-based MOXA. A security vulnerability exists in MOXA ioLogik 4000 Series v1.6 and earlier versions, which stems from the session cookie attribute not being set correctly, potentially allowing user session data to be...

4.3CVSS5AI score0.00299EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/08/24 12:0 a.m.6 views

PT-2023-4557 · Moxa · Iologik 4000 Series

Name of the Vulnerable Software and Affected Versions: ioLogik 4000 Series ioLogik E4200 versions v1.6 and prior Description: A vulnerability has been identified that can be exploited by malicious actors to potentially gain unauthorized access to the product, leading to security breaches, data...

6.5CVSS7AI score0.00304EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/08/24 12:0 a.m.8 views

PT-2023-4556 · Moxa · Iologik 4000 Series

Name of the Vulnerable Software and Affected Versions: ioLogik 4000 Series ioLogik E4200 versions v1.6 and prior Description: A vulnerability has been identified that may facilitate the collection of information on ioLogik 4000 Series devices, potentially enabling attackers to gather information...

5.3CVSS5.4AI score0.00377EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/08/24 12:0 a.m.5 views

MOXA ioLogik 4000 Series 安全漏洞

MOXA ioLogik 4000 Series is a series of general-purpose controllers from China-based MOXA. A security vulnerability exists in MOXA ioLogik 4000 Series v1.6 and earlier versions, which stems from the ability to gain unauthorized access, potentially leading to the disclosure of sensitive informatio...

6.5CVSS6.5AI score0.00304EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.10 views

Moxa ioLogik E1200 Series Weak Password Requirements (CVE-2016-8379)

An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware...

8.1CVSS7.7AI score0.01428EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.17 views

Moxa ioLogik 2542-HSPA Series Controllers and IOs, and IOxpress Configuration Utility Cleartext Storage of Sensitive Information (CVE-2019-18238)

In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account. This plugin only works with Tenable.o...

7.5CVSS7.4AI score0.00493EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.13 views

Moxa ioLogik E1200 Series Cross-site Scripting (CVE-2016-8359)

An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware...

6.1CVSS6.7AI score0.01215EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.18 views

Moxa ioLogik 2542-HSPA Series Controllers and IOs, and IOxpress Configuration Utility Cleartext Transmission of Sensitive Information (CVE-2020-7003)

In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is transmitted over some web applications in clear text. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot f...

7.5CVSS7.4AI score0.00812EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.20 views

Moxa ioLogik 2542-HSPA Series Controllers and IOs, and IOxpress Configuration Utility Incorrectly Specified Destination in a Communication Channel (CVE-2019-18242)

In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, frequent and multiple requests for short-term use may cause the web server to fail. This plugin only works with Tenable.ot. Please visit...

7.5CVSS7.3AI score0.0131EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.8 views

Moxa ioLogik E1200 Series Insufficiently Protected Credentials (CVE-2016-8372)

An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware...

8.1CVSS7.7AI score0.01702EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.13 views

Moxa ioLogik E1200 Series Cross-Site Request Forgery (CVE-2016-8350)

An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware...

6.8CVSS6.5AI score0.00567EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.18 views

Moxa ioLogik E2200 Series Insufficiently Protected Credentials (CVE-2016-2282)

Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utility before 3.18 do not properly encrypt credentials, which makes it easier for remote attackers to obtain the associated cleartext via unspecified vectors. This plugin only works with Tenable.ot. Please visit...

5.3CVSS5.8AI score0.01707EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.15 views

Moxa ioLogik E2200 Series Inadequate Encryption Strength(CVE-2016-2283)

Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utility before 3.18 do not properly encrypt data, which makes it easier for remote attackers to obtain the associated cleartext via unspecified vectors. This plugin only works with Tenable.ot. Please visit...

5.3CVSS5.8AI score0.01177EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/11/23 12:0 a.m.18 views

The vulnerability of the microprogrammed logic controller ioLogik’s software, related to hard-coding passwords, allows a intruder to escalate their privileges and execute arbitrary code.

The vulnerability of the microprogrammed logic controller ioLogik software relates to the rigid encoding of passwords. Exploiting this vulnerability allows an attacker to enhance their privileges and execute arbitrary code remotely...

10CVSS5.9AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/23 12:0 a.m.17 views

The vulnerability of the check_cookie function in the web server of the programmable logic controller ioLogik, related to buffer overflow in the stack, allows a intruder to trigger a service failure or execute arbitrary code.

The vulnerability of the checkcookie function in the web server of the programmable logic controller ioLogik is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to cause service failures or execute arbitrary code using a specially crafted reques...

10CVSS6.4AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/23 12:0 a.m.17 views

The vulnerability of microprogrammed software in programmable logic controllers like ioLogik, related to deficiencies in access control, allows a intruder to gain access to the device.

The vulnerability of microprogrammed software in programmable logic controllers like ioLogik is related to deficiencies in access control. Exploiting this vulnerability can allow an intruder to gain access to the device...

6.8CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/23 12:0 a.m.5 views

The vulnerability of the web-server of the programmable logic controller ioLogik, related to the output of an operation beyond the buffer in memory, allows a intruder to cause a service failure or execute arbitrary code.

The vulnerability of the web-server-based programmable logic controller ioLogik lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to cause service failures or execute arbitrary code using a specially crafted request...

7.8CVSS6.4AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/23 12:0 a.m.7 views

The vulnerability of the check_password function in the web server of the programmable logic controller ioLogik, related to buffer overflow in the stack, allows a intruder to trigger a service failure or execute arbitrary code.

The vulnerability of the checkpassword function in the web server of the programmable logic controller ioLogik is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to cause service interruptions or execute arbitrary code using a specially crafted reque...

10CVSS6.3AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/23 12:0 a.m.8 views

The vulnerability of the microprogrammed logical controller ioLogik software, related to insufficient requirements for password complexity, allows a hacker to gain access to the user account.

The vulnerability of the microprogrammed logic controller ioLogik software is related to insufficient requirements for the complexity of passwords. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to the user account...

10CVSS5.3AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/23 12:0 a.m.18 views

The vulnerability of the microprogrammed logic controller ioLogik’s software, related to deficiencies in the authentication process, allows attackers to escalate their privileges within the system.

The vulnerability of microprogrammed software in programmable logic controllers like ioLogik is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow unauthorized individuals to enhance their privileges within the system through specially crafted requests...

10CVSS5.5AI score
Exploits0References1Affected Software1
Rows per page
Query Builder