163 matches found
MOXA ioLogik 4000 Series 安全漏洞
MOXA ioLogik 4000 Series is a series of general-purpose controllers from China-based MOXA. A security vulnerability exists in MOXA ioLogik 4000 Series v1.6 and earlier versions, which stems from the session cookie attribute not being set correctly, potentially allowing user session data to be...
PT-2023-4557 · Moxa · Iologik 4000 Series
Name of the Vulnerable Software and Affected Versions: ioLogik 4000 Series ioLogik E4200 versions v1.6 and prior Description: A vulnerability has been identified that can be exploited by malicious actors to potentially gain unauthorized access to the product, leading to security breaches, data...
PT-2023-4556 · Moxa · Iologik 4000 Series
Name of the Vulnerable Software and Affected Versions: ioLogik 4000 Series ioLogik E4200 versions v1.6 and prior Description: A vulnerability has been identified that may facilitate the collection of information on ioLogik 4000 Series devices, potentially enabling attackers to gather information...
MOXA ioLogik 4000 Series 安全漏洞
MOXA ioLogik 4000 Series is a series of general-purpose controllers from China-based MOXA. A security vulnerability exists in MOXA ioLogik 4000 Series v1.6 and earlier versions, which stems from the ability to gain unauthorized access, potentially leading to the disclosure of sensitive informatio...
Moxa ioLogik E1200 Series Weak Password Requirements (CVE-2016-8379)
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware...
Moxa ioLogik 2542-HSPA Series Controllers and IOs, and IOxpress Configuration Utility Cleartext Storage of Sensitive Information (CVE-2019-18238)
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account. This plugin only works with Tenable.o...
Moxa ioLogik E1200 Series Cross-site Scripting (CVE-2016-8359)
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware...
Moxa ioLogik 2542-HSPA Series Controllers and IOs, and IOxpress Configuration Utility Cleartext Transmission of Sensitive Information (CVE-2020-7003)
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is transmitted over some web applications in clear text. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot f...
Moxa ioLogik 2542-HSPA Series Controllers and IOs, and IOxpress Configuration Utility Incorrectly Specified Destination in a Communication Channel (CVE-2019-18242)
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, frequent and multiple requests for short-term use may cause the web server to fail. This plugin only works with Tenable.ot. Please visit...
Moxa ioLogik E1200 Series Insufficiently Protected Credentials (CVE-2016-8372)
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware...
Moxa ioLogik E1200 Series Cross-Site Request Forgery (CVE-2016-8350)
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware...
Moxa ioLogik E2200 Series Insufficiently Protected Credentials (CVE-2016-2282)
Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utility before 3.18 do not properly encrypt credentials, which makes it easier for remote attackers to obtain the associated cleartext via unspecified vectors. This plugin only works with Tenable.ot. Please visit...
Moxa ioLogik E2200 Series Inadequate Encryption Strength(CVE-2016-2283)
Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utility before 3.18 do not properly encrypt data, which makes it easier for remote attackers to obtain the associated cleartext via unspecified vectors. This plugin only works with Tenable.ot. Please visit...
The vulnerability of the microprogrammed logic controller ioLogik’s software, related to hard-coding passwords, allows a intruder to escalate their privileges and execute arbitrary code.
The vulnerability of the microprogrammed logic controller ioLogik software relates to the rigid encoding of passwords. Exploiting this vulnerability allows an attacker to enhance their privileges and execute arbitrary code remotely...
The vulnerability of the check_cookie function in the web server of the programmable logic controller ioLogik, related to buffer overflow in the stack, allows a intruder to trigger a service failure or execute arbitrary code.
The vulnerability of the checkcookie function in the web server of the programmable logic controller ioLogik is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to cause service failures or execute arbitrary code using a specially crafted reques...
The vulnerability of microprogrammed software in programmable logic controllers like ioLogik, related to deficiencies in access control, allows a intruder to gain access to the device.
The vulnerability of microprogrammed software in programmable logic controllers like ioLogik is related to deficiencies in access control. Exploiting this vulnerability can allow an intruder to gain access to the device...
The vulnerability of the web-server of the programmable logic controller ioLogik, related to the output of an operation beyond the buffer in memory, allows a intruder to cause a service failure or execute arbitrary code.
The vulnerability of the web-server-based programmable logic controller ioLogik lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to cause service failures or execute arbitrary code using a specially crafted request...
The vulnerability of the check_password function in the web server of the programmable logic controller ioLogik, related to buffer overflow in the stack, allows a intruder to trigger a service failure or execute arbitrary code.
The vulnerability of the checkpassword function in the web server of the programmable logic controller ioLogik is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to cause service interruptions or execute arbitrary code using a specially crafted reque...
The vulnerability of the microprogrammed logical controller ioLogik software, related to insufficient requirements for password complexity, allows a hacker to gain access to the user account.
The vulnerability of the microprogrammed logic controller ioLogik software is related to insufficient requirements for the complexity of passwords. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to the user account...
The vulnerability of the microprogrammed logic controller ioLogik’s software, related to deficiencies in the authentication process, allows attackers to escalate their privileges within the system.
The vulnerability of microprogrammed software in programmable logic controllers like ioLogik is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow unauthorized individuals to enhance their privileges within the system through specially crafted requests...