Path traversal

An issue was discovered in Moxa MXview v2.8 and prior. The unquoted service path escalation vulnerability could allow an authorized user with file access to escalate privileges by inserting arbitrary code into the unquoted service path...

CVE-2017-14030

An issue was discovered in Moxa MXview v2.8 and prior. The unquoted service path escalation vulnerability could allow an authorized user with file access to escalate privileges by inserting arbitrary code into the unquoted service path...

CVE-2017-14030

CVE-2017-14030 affects Moxa MXview v2.8 and earlier. The issue is an unquoted service path that enables local privilege escalation for an authorized user with file access by inserting arbitrary code into the unquoted path. The vulnerability impact is elevated privileges (C/I/A: high) with local a...

CVE-2017-14030

An issue was discovered in Moxa MXview v2.8 and prior. The unquoted service path escalation vulnerability could allow an authorized user with file access to escalate privileges by inserting arbitrary code into the unquoted service path...

Moxa MXview

CVSS v3 7.8 ATTENTION: Low skill level to exploit. Vendor: Moxa Equipment: MXview Vulnerability: Unquoted Search Path or Element. AFFECTED PRODUCTS The following versions of MXview, network management software, are affected: MXview v2.8 and prior. IMPACT Successful exploitation of this...

Moxa MXView security vulnerability (CNVD-2017-05671)

Moxa MXView is Moxa's network management software for configuring, monitoring and diagnosing network devices in industrial Ethernet networks. A security vulnerability exists in Moxa MXView version 2.8. A remote attacker can exploit this vulnerability to cause a denial of service...

Moxa MXView Security Vulnerability

Moxa MXView is Moxa's network management software for configuring, monitoring and diagnosing network devices in industrial Ethernet networks. A security vulnerability exists in Moxa MXView version 2.8. The vulnerability can be exploited by a remote attacker to read the private key file of the web...

CVE-2017-7455

Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control...

CVE-2017-7456

Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials...

CVE-2017-7456

Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials...

CVE-2017-7455

Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control...

Design/Logic Flaw

Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials...

Improper access control

Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control...

CVE-2017-7455

CVE-2017-7455 affects Moxa MXView 2.8. The vulnerability is a remote information-disclosure where an attacker can read the web server’s private key. Technical detail from the packet-plug: MXView stores a copy of its web server private key at C:\Users\TARGET-USER\AppData\Roaming\moxa\mxview\web\ce...

CVE-2017-7456

CVE-2017-7456 affects Moxa MXView 2.8, where remote attackers can cause a Denial of Service by sending an oversized junk payload in the MXView login credentials. Impact is DoS on the MXView server. Public advisories and open-source checks corroborate the DoS vector and tie the vulnerability to MX...

CVE-2017-7455

Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control...

CVE-2017-7456

Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials...

Moxa MXview Detection (HTTP)

HTTP based detection of Moxa MXview. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it...

Moxa MXview < 2.9 Multiple Vulnerabilities (HTTP) - Active Check

Moxa MXview is prone to multiple vulnerabilities. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Moxa MXview v2.8 Denial Of Service Exploit

Exploit for windows platform in category dos / poc + Credits: John Page AKA hyp3rlinx Vendor: ============ www.moxa.com Product: =========== MXView v2.8 Download: http://www.moxa.com/product/MXstudio.htm MXview Industrial Network Management Software. Auto discovery of network devices and physical...