Moxa MB3xxx Series Protocol Gateways Weak Password Requirements (CVE-2019-9096)

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. Insufficient password requirements for the MGate web application may allow an attacker to gain access by brute-forcing accoun...

Moxa MB3xxx Series Protocol Gateways Cleartext Transmission of Sensitive Information (CVE-2019-9101)

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. Sensitive information is sent to the web server in cleartext, which may allow an attacker to discover the credentials if they...

CVE-2019-9104

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. The application's configuration file contains parameters that represent passwords in cleartext...

CVE-2019-9099

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A Buffer overflow in the built-in web server allows remote attackers to initiate DoS, and probably to execute arbitrary code...

CVE-2019-9101

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. Sensitive information is sent to the web server in cleartext, which may allow an attacker to discover the credentials if they...

CVE-2019-9097

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A high rate of transit traffic may cause a low-memory condition and a denial of service...

CVE-2019-9099

Summary: CVE-2019-9099 affects Moxa MGate MB3170/MB3270 (before 4.1), MB3280/MB3480 (before 3.1), MB3660 (before 2.3), and MB3180 (before 2.1) where a buffer overflow in the built‑in web server can cause a remote DoS and may allow arbitrary code execution . The root cause is a stack‑based overflo...

CVE-2019-9103

CVE-2019-9103 affects Moxa MB3xxx Protocol Gateways (MB3170/MB3270 before 4.1, MB3280/MB3480 before 3.1, MB3660 before 2.3, MB3180 before 2.1). The vulnerability allows an unauthenticated attacker to access sensitive information via the built-in WEB service, enabling potential username disclosure...

Weak Password Vulnerability in Multiple Moxa Products

Moxa MB3170/MB3270/MB3180/MB3280/MB3480/MB3660 series is an advanced Ethernet gateway device manufactured by moxa Taiwan. A weak password vulnerability exists in several Moxa products, which can be exploited by attackers to gain access by performing a brute force attack...

Weak Encryption Algorithm Vulnerability in Multiple Moxa Products

Moxa MB3170/MB3270/MB3180/MB3280/MB3480/MB3660 series is an advanced Ethernet gateway device manufactured by moxa Taiwan. Weak encryption algorithm vulnerability in multiple Moxa products can be exploited by attackers to obtain sensitive information...

Information Disclosure Vulnerability in Multiple Moxa Products (CNVD-2020-18360)

Moxa MB3170/MB3270/MB3180/MB3280/MB3480/MB3660 series is an advanced Ethernet gateway device manufactured by moxa Taiwan. An information disclosure vulnerability exists in multiple Moxa products, which can be exploited by attackers to gain access to administrative accounts...

Multiple Moxa Products Plaintext Transfer Vulnerability

Moxa MB3170/MB3270/MB3180/MB3280/MB3480/MB3660 series is an advanced Ethernet gateway device manufactured by moxa Taiwan. An information disclosure vulnerability exists in multiple Moxa products, which can be exploited by attackers to obtain sensitive information...