cbcvebase.
CVE-2020-25194
published 2020-12-23

CVE-2020-25194: The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has improper privilege management, which may allow an attacker with user…

high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has improper privilege management, which may allow an attacker with user privileges to perform requests with administrative privileges.

Affected

2 ranges
VendorProductVersion rangeFixed in
moxanport_iaw5000a-i_ounspecified – Version 2.1
moxanport_iaw5000a-i_o_firmware<= 2.1