← Back

Nport W2x50a Firmware

nport_w2x50a_firmware

Vendor: Moxa • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-19660
1Moxa
1Nport W2x50a Firmware
Nov 21, 2024
Dec 6, 2018
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. A specially crafted HTTP POST request to /goform/...Show more
An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. A specially crafted HTTP POST request to /goform/webSettingProfileSecurity can result in running OS commands as the root user.Show less
CVE-2018-19659
1Moxa
1Nport W2x50a Firmware
Nov 21, 2024
Dec 6, 2018
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. A specially crafted HTTP POST request to /goform/...Show more
An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. A specially crafted HTTP POST request to /goform/net_WebPingGetValue can result in running OS commands as the root user. This is similar to CVE-2017-12120.Show less