Skip to main content

Mxview

10 CVEs product

Monthly

CVE-2021-38460 HIGH This Week

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Mxview
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-38458 CRITICAL Act Now

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Mxview
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-38456 CRITICAL Act Now

A use of hard-coded password vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to gain access through accounts using default passwords. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mxview
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2021-38454 CRITICAL Act Now

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Authentication Bypass Mxview
NVD
CVSS 3.1
10.0
EPSS
15.8%
CVE-2021-38452 CRITICAL Act Now

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Mxview
NVD
CVSS 3.1
9.1
EPSS
1.6%
CVE-2020-13537 HIGH POC This Week

An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Node.js Privilege Escalation Mxview
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-13536 HIGH POC This Week

An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Node.js Privilege Escalation Mxview
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2018-7506 HIGH This Week

The private key of the web server in Moxa MXview versions 2.8 and prior is able to be read and accessed via an HTTP GET request, which may allow a remote attacker to decrypt encrypted information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mxview
NVD
CVSS 3.0
7.5
EPSS
2.0%
CVE-2017-7456 HIGH POC THREAT Act Now

Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.5%.

Denial Of Service Mxview
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
10.5%
CVE-2017-7455 HIGH POC THREAT Act Now

Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 40.0%.

Information Disclosure Mxview
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
40.0%
Threat
4.2
EPSS 2% CVSS 7.5
HIGH This Week

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Mxview
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Mxview
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A use of hard-coded password vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to gain access through accounts using default passwords. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mxview
NVD
EPSS 16% CVSS 10.0
CRITICAL Act Now

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Authentication Bypass Mxview
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Mxview
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Node.js Privilege Escalation Mxview
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Node.js Privilege Escalation Mxview
NVD
EPSS 2% CVSS 7.5
HIGH This Week

The private key of the web server in Moxa MXview versions 2.8 and prior is able to be read and accessed via an HTTP GET request, which may allow a remote attacker to decrypt encrypted information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mxview
NVD
EPSS 11% CVSS 7.5
HIGH POC THREAT Act Now

Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.5%.

Denial Of Service Mxview
NVD Exploit-DB
EPSS 40% 4.2 CVSS 7.5
HIGH POC THREAT Act Now

Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 40.0%.

Information Disclosure Mxview
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy