VYPR

MXView Series

by Moxa

CVEs (7)

  • CVE-2024-6787Sep 21, 2024
    risk 0.00cvss epss 0.00

    This vulnerability occurs when an attacker exploits a race condition between the time a file is checked and the time it is used (TOCTOU). By exploiting this race condition, an attacker can write arbitrary files to the system. This could allow the attacker to execute malicious…

  • CVE-2024-6786Sep 21, 2024
    risk 0.00cvss epss 0.01

    The vulnerability allows an attacker to craft MQTT messages that include relative path traversal sequences, enabling them to read arbitrary files on the system. This could lead to the disclosure of sensitive information, such as configuration files and JWT signing secrets.

  • CVE-2024-6785Sep 21, 2024
    risk 0.00cvss epss 0.00

    The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensitive information exposure.

  • CVE-2021-40392Apr 14, 2022
    risk 0.00cvss epss 0.01

    An information disclosure vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. Network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to exploit this vulnerability.

  • CVE-2021-40390Apr 14, 2022
    risk 0.00cvss epss 0.02

    An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. A specially-crafted HTTP request can lead to unauthorized access. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2020-13537Nov 5, 2020
    risk 0.00cvss epss 0.01

    An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary.By default MXViewService, which starts as a NT…

  • CVE-2020-13536Nov 5, 2020
    risk 0.00cvss epss 0.01

    An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary. By default MXViewService, which starts as a NT…