Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Moxa — Vulnerabilities & Security Advisories 123

Browse all 123 CVE security advisories affecting Moxa. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Moxa specializes in industrial networking hardware, providing ruggedized switches, routers, and IoT gateways designed for harsh environments like manufacturing and transportation. The company’s product portfolio has accumulated 123 recorded Common Vulnerabilities and Exposures, reflecting the complexity of embedded systems in critical infrastructure. Historically, these security flaws predominantly involve remote code execution, buffer overflows, and improper access control mechanisms, which often allow attackers to gain unauthorized administrative privileges or disrupt network connectivity. While specific high-profile breaches directly attributed to Moxa hardware are less publicized compared to consumer electronics, the sheer volume of CVEs highlights persistent challenges in securing legacy industrial protocols and firmware updates. This pattern underscores the broader industry struggle to maintain robust cybersecurity hygiene in operational technology environments where stability often takes precedence over rapid patching cycles.

Top products by Moxa: AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client MXsecurity Series TN-5900 Series ThingsPro IIoT Gateway and Device Management Software Solutions SDS-3008 Series Industrial Ethernet Switch NPort IAW5000A-I/O EDR-G9010 Series EDR-8010 Series OnCell G3150A-LTE Series MXview Network Management Software NPort IAW5000A-I/O Series firmware ioLogik 4000 Series MXview One Series SoftCMS ioLogik E1200 Series PT-G503 Series EDF-G1002-BP Series NPort 5000AI-M12 Series TN-4500A Series NPort 6100-G2/6200-G2 Series UC-1200A Series MOXA MXView Series MGate 5105-MB-EIP MxGeneralIo MiiNePort E1 OnCell G3100V2 Series Moxa AWK-3131A WAP NPort 5210, 5230, and 5232 Utility for DRP-A100 Series
CVE IDTitleCVSSSeverityPublished
CVE-2024-6786 MXview One Series vulnerable to Path Traversal — MXview One SeriesCWE-24 6.5 Medium2024-09-21
CVE-2024-6785 MXview One and MXview One Central Manager Series store cleartext credentials in a local file — MXview One SeriesCWE-313 5.5 Medium2024-09-21
CVE-2024-4641 OnCell G3470A-LTE Series: Authenticated Format String Errors — OnCell G3150A-LTE SeriesCWE-134 6.3 Medium2024-06-25
CVE-2024-4640 OnCell G3470A-LTE Series: Authenticated Command Injection via sendTestEmail — OnCell G3150A-LTE SeriesCWE-120 7.1 High2024-06-25
CVE-2024-4639 OnCell G3470A-LTE Series: Authenticated Command Injection via webDelIPSec — OnCell G3150A-LTE SeriesCWE-77 7.1 High2024-06-25
CVE-2024-4638 OnCell G3470A-LTE Series: Authenticated Command Injection via webUploadKey — OnCell G3470A-LTE SeriesCWE-77 7.1 High2024-06-25
CVE-2024-3576 NPort 5100A Series Store XSS Vulnerability — NPort 5100A SeriesCWE-79 8.3 High2024-05-06
CVE-2024-1220 NPort W2150A/W2250A Series Web Server Stack-based Buffer Overflow Vulnerability — NPort W2150A/W2250A SeriesCWE-121 8.2 High2024-03-06
CVE-2024-0387 EDS-4000/G4000 Series IP Forwarding Vulnerability — EDS-4008 SeriesCWE-1188 6.5 Medium2024-02-26
CVE-2023-6094 OnCell G3150A-LTE Series: Web Server Transmits Cleartext Credentials — OnCell G3150A-LTE SeriesCWE-319 5.3 Medium2023-12-31
CVE-2023-6093 OnCell G3150A-LTE Series: Clickjacking Vulnerability — OnCell G3150A-LTE SeriesCWE-1021 5.3 Medium2023-12-31
CVE-2023-5962 ioLogik E1200 Series: Weak Cryptographic Algorithm Vulnerability — ioLogik E1200 SeriesCWE-328 6.5 Medium2023-12-23
CVE-2023-5961 ioLogik E1200 Series: Cross-Site Request Forgery (CSRF) Vulnerability — ioLogik E1200 SeriesCWE-352 8.8 High2023-12-23
CVE-2023-5035 Cookie Without Secure Flag — PT-G503 SeriesCWE-614 3.1 Low2023-11-02
CVE-2023-4217 Session cookies attribute not set properly — PT-G503 SeriesCWE-1004 3.1 Low2023-11-02
CVE-2023-5627 Incorrect Implementation of Authentication Algorithm Vulnerability — NPort 6000 SeriesCWE-303 7.5 High2023-11-01
CVE-2023-4452 Web Server Buffer Overflow Vulnerability — EDR-810 Series CWE-120 6.5 Medium2023-11-01
CVE-2023-4929 NPort 5000 Series Firmware Improper Validation of Integrity Check Vulnerability — NPort 5000AI-M12 SeriesCWE-354 6.5 Medium2023-10-03
CVE-2023-39983 MXsecurity Register Database Pollution — MXsecurity SeriesCWE-915 5.3 Medium2023-09-02
CVE-2023-39982 MXsecurity Hardcoded Credential — MXsecurity SeriesCWE-321 7.5 High2023-09-02
CVE-2023-39981 MXsecurity Device Information Disclosure — MXsecurity SeriesCWE-306 7.5 High2023-09-02
CVE-2023-39980 MXsecurity Authenticated Information Disclosure Due to SQL Injection — MXsecurity SeriesCWE-89 7.1 High2023-09-02
CVE-2023-39979 MXsecurity Authentication Bypass — MXsecurity SeriesCWE-334 9.8 Critical2023-09-02
CVE-2023-4230 ioLogik 4000 Series: Server Banner Information Disclosure — ioLogik 4000 SeriesCWE-200 5.3 Medium2023-08-24
CVE-2023-4229 ioLogik 4000 Series: Session Headers Not Implemented — ioLogik 4000 SeriesCWE-1021 4.3 Medium2023-08-24
CVE-2023-4228 ioLogik 4000 Series: Session Cookies Attribute Not Set Properly — ioLogik 4000 SeriesCWE-1004 3.1 Low2023-08-24
CVE-2023-4227 ioLogik 4000 Series: Existence of an Unauthorized Service — ioLogik 4000 SeriesCWE-489 5.3 Medium2023-08-24
CVE-2023-34217 Second Order Command-injection Vulnerability in the Certificate-delete Function — TN-5900 SeriesCWE-22 8.1 High2023-08-17
CVE-2023-34216 Second Order Command-injection Vulnerability in the Key-delete Function — TN-5900 SeriesCWE-22 8.1 High2023-08-17
CVE-2023-34215 Second Order Command-injection Vulnerability in the Certificate-generation Function — TN-5900 SeriesCWE-78 7.2 High2023-08-17

This page lists every published CVE security advisory associated with Moxa. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.