EUVD-2021-32784

Malicious code in bioql PyPI...

CVE-2021-46082

Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause a Denial of Service DoS via crafted packets...

Moxa MB3xxx Series Protocol Gateways Weak Password Requirements (CVE-2019-9096)

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. Insufficient password requirements for the MGate web application may allow an attacker to gain access by brute-forcing accoun...

Moxa MB3xxx Series Protocol Gateways Use of a Broken or Risky Cryptographic Algorithm (CVE-2019-9095)

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An attacker may be able to intercept weakly encrypted passwords and gain administrative access. This plugin only works with...

Moxa MB3xxx Series Protocol Gateways Cleartext Storage of Sensitive Information (CVE-2019-9104)

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. The application's configuration file contains parameters that represent passwords in cleartext. This plugin only works with...

Moxa MB3xxx Series Protocol Gateways Incorrectly Specified Destination in a Communication Channel (CVE-2019-9097)

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A high rate of transit traffic may cause a low-memory condition and a denial of service. This plugin only works with...

Moxa MB3xxx Series Protocol Gateways Exposure of Sensitive Information to an Unauthorized Actor (CVE-2019-9103)

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An attacker can access sensitive information e.g., conduct username disclosure attacks on the built- in WEB-service without...

Moxa MB3xxx Series Protocol Gateways Integer Overflow to Buffer Overflow (CVE-2019-9098)

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An Integer overflow in the built-in web server allows remote attackers to initiate DoS. This plugin only works with Tenable.o...

Moxa MB3xxx Series Protocol Gateways Cross-Site Request Forgery (CVE-2019-9102)

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A predictable mechanism of generating tokens allows remote attackers to bypass the cross-site request forgery CSRF protection...

Moxa MB3xxx Series Protocol Gateways Stack-Based Buffer Overflow (CVE-2019-9099)

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A Buffer overflow in the built-in web server allows remote attackers to initiate DoS, and probably to execute arbitrary code...

Vulnerability fixed in Moxa MGate

A vulnerability has been fixed in Moxa MGate. The vulnerability allows a malicious party to gain a man-in-the-middle MITM position on the vulnerable system. Moxa has released updates to fix the vulnerability. More information can be found on the page below:...

CVE-2021-46082

Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause a Denial of Service DoS via crafted packets...

Memory corruption

Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause a Denial of Service DoS via crafted packets...

CVE-2021-46082

CVE-2021-46082 affects Moxa TN-5900 v3.1 routers and MGate 5109 v2.2, 5101-PBM-MN v2.1 protocol gateways. The issue is a memory leak that enables an attacker to cause a Denial of Service via crafted packets. Public sources in the provided documents reference vendor advisories and security entries...

CVE-2021-4161 ICSA-21-357-01 Moxa MGate Protocol Gateways

The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. This could give an attacker admin rights through the HTTP web server...

Moxa MGate Protocol Gateways

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: MGate MB3180/MB3280/MB3480 Series Protocol Gateways Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could...

Black Hat Trip Report – Trend Micro

At Black Hat USA 2020, Trend Micro presented two important talks on vulnerabilities in Industrial IoT IIoT. The first discussed weaknesses in proprietary languages used by industrial robots, and the second talked about vulnerabilities in protocol gateways. Any organization using robots, and any...

This Week in Security News: Robots Running the Industrial World Are Open to Cyber Attacks and Industrial Protocol Translation Gone Wrong

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Based on research that Trend Micro released during Black Hat USA this past week, read about how some industrial robots have flaws that could make them...