Nport Iaw5000a I/o Firmware

nport_iaw5000a-i/o_firmware

Vendor: Moxa • 8 CVEs

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-4929 1Moxa 108Nport 5110 T Firmware Nport 5110 FirmwareNport 5110a T Firmware+105 more Nov 21, 2024 Oct 3, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially all...Show more All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices. Show less
CVE-2023-4204 1Moxa 1Nport Iaw5000a I/o Firmware Nov 21, 2024 Aug 16, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attrib...Show more NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate firmware manipulation. Show less
CVE-2020-25198 1Moxa 1Nport Iaw5000a I/o Firmware Nov 21, 2024 Dec 23, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has incorrectly implemented protections from session fixation, which may allow an attacker to gain access to a session and hijack it by st...Show more The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has incorrectly implemented protections from session fixation, which may allow an attacker to gain access to a session and hijack it by stealing the user’s cookies.Show less
CVE-2020-25196 1Moxa 1Nport Iaw5000a I/o Firmware Nov 21, 2024 Dec 23, 2020 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows SSH/Telnet sessions, which may be vulnerable to brute force attacks to bypass authentication.
CVE-2020-25194 1Moxa 1Nport Iaw5000a I/o Firmware Nov 21, 2024 Dec 23, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has improper privilege management, which may allow an attacker with user privileges to perform requests with administrative privileges.
CVE-2020-25192 1Moxa 1Nport Iaw5000a I/o Firmware Nov 21, 2024 Dec 23, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows sensitive information to be displayed without proper authorization.
CVE-2020-25190 1Moxa 1Nport Iaw5000a I/o Firmware Nov 21, 2024 Dec 23, 2020 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower stores and transmits the credentials of third-party services in cleartext.
CVE-2020-25153 1Moxa 1Nport Iaw5000a I/o Firmware Nov 21, 2024 Dec 23, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The built-in web service for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower does not require users to have strong passwords.