Skip to main content
CVE-2016-4521 CRITICAL Act Now

Sixnet BT-5xxx and BT-6xxx M2M devices before 3.8.21 and 3.9.x before 3.9.8 have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Bt 5 Series Cellular Router Firmware Bt 6 Series Cellular Router Firmware
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2016-4501 CRITICAL Act Now

Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier mishandles sessions, which allows remote attackers to bypass authentication and make arbitrary configuration changes via. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Esc 8832 Data Controller
NVD
CVSS 3.0
9.1
EPSS
0.3%
CVE-2016-4505 HIGH This Week

Resource Data Management (RDM) Intuitive 650 TDB Controller devices before 2.1.24 allow remote authenticated users to modify arbitrary passwords via unspecified vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Intuitive 650 Tdb Controller
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2016-2285 HIGH This Week

Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Miineport E2 1242 Firmware Miineport E2 4561 Firmware Miineport E1 7080 Firmware Miineport E3 Firmware +1
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2016-4506 HIGH This Week

Cross-site request forgery (CSRF) vulnerability on Resource Data Management (RDM) Intuitive 650 TDB Controller devices before 2.1.24 allows remote authenticated users to hijack the authentication of. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Intuitive 650 Tdb Controller
NVD
CVSS 3.0
8.0
EPSS
0.1%
CVE-2016-2286 HIGH This Week

Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Miineport E2 1242 Firmware Miineport E1 7080 Firmware Miineport E2 4561 Firmware Miineport E3 Firmware +1
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2016-2295 HIGH This Week

Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Miineport E2 1242 Firmware Miineport E1 4641 Firmware Miineport E2 4561 Firmware Miineport E3 Firmware +1
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2016-0878 HIGH This Week

Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to cause a denial of service (cold start) by sending two crafted ping requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Edr G903 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2016-0877 HIGH This Week

Memory leak on Moxa Secure Router EDR-G903 devices before 3.4.12 allows remote attackers to cause a denial of service (memory consumption) by executing the ping function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Edr G903 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2016-0879 HIGH This Week

Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing the import function, which allows remote attackers to obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Edr G903 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2016-0875 HIGH This Week

Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a crafted URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Edr G903 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2016-0876 HIGH This Week

Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Edr G903 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2016-4502 HIGH This Week

Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier allows remote attackers to bypass intended access restrictions and execute arbitrary functions via a modified parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Esc 8832 Data Controller
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2016-4785 MEDIUM This Month

A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions <. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Siprotec Firmware
NVD
CVSS 3.0
5.3
EPSS
2.4%
CVE-2016-4784 MEDIUM This Month

A vulnerability has been identified in firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions <. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Siprotec Firmware
NVD
CVSS 3.0
5.3
EPSS
2.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy