Mxview
by Moxa
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-7456 | Hig | 0.54 | 7.5 | 0.29 | Apr 14, 2017 | Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials. | ||
| CVE-2017-7455 | Hig | 0.53 | 7.5 | 0.16 | Apr 14, 2017 | Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control. | ||
| CVE-2017-14030 | Hig | 0.51 | 7.8 | 0.00 | Jan 12, 2018 | An issue was discovered in Moxa MXview v2.8 and prior. The unquoted service path escalation vulnerability could allow an authorized user with file access to escalate privileges by inserting arbitrary code into the unquoted service path. | ||
| CVE-2018-7506 | Hig | 0.49 | 7.5 | 0.02 | Apr 6, 2018 | The private key of the web server in Moxa MXview versions 2.8 and prior is able to be read and accessed via an HTTP GET request, which may allow a remote attacker to decrypt encrypted information. | ||
| CVE-2021-38460 | 0.00 | — | 0.02 | Oct 12, 2021 | A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. | |||
| CVE-2021-38458 | 0.00 | — | 0.02 | Oct 12, 2021 | A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. | |||
| CVE-2021-38454 | 0.00 | — | 0.16 | Oct 12, 2021 | A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. | |||
| CVE-2021-38456 | 0.00 | — | 0.01 | Oct 12, 2021 | A use of hard-coded password vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to gain access through accounts using default passwords | |||
| CVE-2021-38452 | 0.00 | — | 0.02 | Oct 12, 2021 | A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. |
- risk 0.54cvss 7.5epss 0.29
Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials.
- risk 0.53cvss 7.5epss 0.16
Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control.
- risk 0.51cvss 7.8epss 0.00
An issue was discovered in Moxa MXview v2.8 and prior. The unquoted service path escalation vulnerability could allow an authorized user with file access to escalate privileges by inserting arbitrary code into the unquoted service path.
- risk 0.49cvss 7.5epss 0.02
The private key of the web server in Moxa MXview versions 2.8 and prior is able to be read and accessed via an HTTP GET request, which may allow a remote attacker to decrypt encrypted information.
- CVE-2021-38460Oct 12, 2021risk 0.00cvss —epss 0.02
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
- CVE-2021-38458Oct 12, 2021risk 0.00cvss —epss 0.02
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
- CVE-2021-38454Oct 12, 2021risk 0.00cvss —epss 0.16
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
- CVE-2021-38456Oct 12, 2021risk 0.00cvss —epss 0.01
A use of hard-coded password vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to gain access through accounts using default passwords
- CVE-2021-38452Oct 12, 2021risk 0.00cvss —epss 0.02
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.