Lucene search
K
MoxaThingspro

7 matches found

CVE
CVE
added 2018/10/19 2:0 p.m.50 views

CVE-2018-18395

CVE-2018-18395 affects Moxa ThingsPro IIoT Gateway and Device Management Software Solutions v2.1. A vulnerability described as Hidden Token Access exists, with CNVD reporting that a remote attacker could gain root privileges and execute arbitrary code via a hidden API token. The CVE’s CVSS scores...

10CVSS9.3AI score0.01535EPSS
CVE
CVE
added 2018/10/19 2:0 p.m.43 views

CVE-2018-18396

The CVE-2018-18396 entry concerns Moxa ThingsPro IIoT Gateway and Device Management Software Solutions, version 2.1. Multiple connected sources (CNVD-2018-21513, NVD, and related records) authorize a Remote Code Execution vulnerability in this product. The root cause is an ability for a remote at...

9.8CVSS9.6AI score0.0234EPSS
CVE
CVE
added 2018/10/19 2:0 p.m.42 views

CVE-2018-18391

CVE-2018-18391 affects Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. The connected documents describe a user privilege escalation vulnerability in ThingsPro, but do not specify the underlying root cause, affected components, or concrete exploitation details. Pu...

8.8CVSS8.6AI score0.01024EPSS
CVE
CVE
added 2018/10/19 2:0 p.m.42 views

CVE-2018-18392

CVE-2018-18392 describes a privilege escalation due to broken access control in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions, version 2.1. Affected component is the ThingsPro product suite; the root cause is improper access control allowing elevation of privileges. Impact ...

8.8CVSS8.6AI score0.01024EPSS
CVE
CVE
added 2018/10/19 2:0 p.m.42 views

CVE-2018-18393

CVE-2018-18393 affects Moxa ThingsPro IIoT Gateway and Device Management Software Solutions v2.1. Sources indicate a password management vulnerability that could allow a remote attacker to change a user’s password, implying potential account compromise. The connected CNVD entry confirms remote pa...

9.8CVSS9.3AI score0.01006EPSS
CVE
CVE
added 2018/10/19 2:0 p.m.39 views

CVE-2018-18390

CVE-2018-18390 affects Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. Connected sources describe a user enumeration vulnerability over the network, with CNVD noting a remote attacker could use brute-force attempts to obtain a valid user password. The CVSS metric...

7.5CVSS7.5AI score0.01123EPSS
CVE
CVE
added 2018/10/19 2:0 p.m.35 views

CVE-2018-18394

CVE-2018-18394 affects Moxa ThingsPro IIoT Gateway and Device Management Software Solutions v2.1, where the system stores sensitive information in plaintext (notably tokens). The provided sources (NVD, CNVD, PRION) describe the root cause as plaintext storage, enabling an attacker to recover acce...

9.8CVSS9.1AI score0.0071EPSS