121 matches found
CVE-2019-9096
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. Insufficient password requirements for the MGate web application may allow an attacker to gain access by brute-forcing accoun...
CVE-2019-9096
CVE-2019-9096 affects Moxa MGate MB3170/MB3270 (firmware <=4.0), MB3180 (<=2.0), MB3280/MB3480 (<=3.0), MB3660 (
CVE-2019-9104
CVE-2019-9104 affects Moxa MGate MB3170/MB3270 (before 4.1), MB3180 (before 2.1), MB3280/MB3480 (before 3.1), and MB3660 (before 2.3). The issue is that the device configuration file stores passwords in cleartext, enabling potential information disclosure. The threat is elevated by network exposu...
CVE-2019-9099
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A Buffer overflow in the built-in web server allows remote attackers to initiate DoS, and probably to execute arbitrary code...
CVE-2019-9099
Summary: CVE-2019-9099 affects Moxa MGate MB3170/MB3270 (before 4.1), MB3280/MB3480 (before 3.1), MB3660 (before 2.3), and MB3180 (before 2.1) where a buffer overflow in the built‑in web server can cause a remote DoS and may allow arbitrary code execution . The root cause is a stack‑based overflo...
CVE-2019-9097
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A high rate of transit traffic may cause a low-memory condition and a denial of service...
CVE-2019-9102
CVE-2019-9102 affects Moxa MB3xxx Protocol Gateways: MB3170/MB3270 firmware <=4.0, MB3280/MB3480 <=3.0, MB3660 <=2.2, and MB3180
CVE-2019-9097
CVE-2019-9097 affects Moxa MB3xxx Protocol Gateways (MB3170/MB3270 before 4.1, MB3280/MB3480 before 3.1, MB3660 before 2.3, MB3180 before 2.1). The issue is an overload from high transit traffic that can exhaust memory and cause a denial of service. The Tenable OT plugin and CVE overview describe...
CVE-2019-9101
CVE-2019-9101 affects Moxa MGate MB3xxx Series Protocol Gateways (MB3170/MB3270 up to firmware 4.1, MB3280/MB3480 up to 3.1, MB3660 up to 2.3, MB3180 up to 2.1). The issue causes sensitive information to be transmitted to the web server in cleartext, which may allow an attacker observing traffic ...
CVE-2019-9104
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. The application's configuration file contains parameters that represent passwords in cleartext...
CVE-2019-9103
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An attacker can access sensitive information e.g., conduct username disclosure attacks on the built-in WEB-service without...
CVE-2019-9101
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. Sensitive information is sent to the web server in cleartext, which may allow an attacker to discover the credentials if they...
CVE-2019-9095
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An attacker may be able to intercept weakly encrypted passwords and gain administrative access...
CVE-2019-9103
CVE-2019-9103 affects Moxa MB3xxx Protocol Gateways (MB3170/MB3270 before 4.1, MB3280/MB3480 before 3.1, MB3660 before 2.3, MB3180 before 2.1). The vulnerability allows an unauthenticated attacker to access sensitive information via the built-in WEB service, enabling potential username disclosure...
CVE-2019-9095
CVE-2019-9095 affects Moxa MGate MB31xx/MB32xx/MB36xx/MB3180 gateways. The vulnerability arises from use of a broken or risky cryptographic algorithm that may allow an attacker to intercept weakly encrypted passwords and gain administrative access. Affected firmware versions include MB3170/MB3270...
CVE-2019-9098
CVE-2019-9098 affects Moxa MGate MB3170/MB3270 (firmware <4.1), MB3180 (<2.1), MB3280 (<3.1), MB3480 (<3.1), and MB3660 (
CVE-2019-9098
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An Integer overflow in the built-in web server allows remote attackers to initiate DoS...
Moxa MGate 5105-MB-EIP OS Command Injection Vulnerability
The MGate 5105-MB-EIP is an industrial Ethernet gateway that supports MQTT or third-party cloud services e.g., Azure and Alibaba Cloud to build Modbus RTU/ASCII/TCP and EtherNet/IP network communications for IIoT applications. An operating system command injection vulnerability exists in the...
Buffer Overflow Vulnerability in Multiple Moxa Products
Moxa MGate MB3170, etc. are products of Moxa Corporation, Taiwan, China.Moxa MGate MB3170 is an MB3170 series Ethernet gateway product.Moxa MGate MB3270 is an MB3270 series Ethernet gateway product.Moxa MGate MB3280 is an MB3280 series Ethernet gateway product. A buffer overflow vulnerability...
CVE-2020-8858
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Moxa MGate 5105-MB-EIP firmware version 4.1. Authentication is required to exploit this vulnerability. The specific flaw exists within the DestIP parameter within MainPing.asp. The issue results from...