Moxa Pt-7528-20Mst-4Tx-4Gsfp-Wv-Wv Firmware vulnerabilities

6 known vulnerabilities affecting moxa/pt-7528-20mst-4tx-4gsfp-wv-wv_firmware.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH3

Vulnerabilities

Page 1 of 1
CVE-2020-6985CRITICALCVSS 9.8≤ 4.02020-03-24
CVE-2020-6985 [CRITICAL] CWE-798 CVE-2020-6985: In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or l In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, these devices use a hard-coded service code for access to the console.
nvd
CVE-2020-6989CRITICALCVSS 9.8≤ 4.02020-03-24
CVE-2020-6989 [CRITICAL] CWE-121 CVE-2020-6989: In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or l In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, a buffer overflow in the web server allows remote attackers to cause a denial-of-service condition or execute arbitrary code.
nvd
CVE-2020-6995CRITICALCVSS 9.8≤ 4.02020-03-24
CVE-2020-6995 [CRITICAL] CWE-521 CVE-2020-6995: In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or l In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the application utilizes weak password requirements, which may allow an attacker to gain unauthorized access.
nvd
CVE-2020-6983HIGHCVSS 7.5≤ 4.02020-03-24
CVE-2020-6983 [HIGH] CWE-321 CVE-2020-6983: In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or l In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a hard-coded cryptographic key, which increases the possibility that confidential data can be recovered.
nvd
CVE-2020-6987HIGHCVSS 7.5≤ 4.02020-03-24
CVE-2020-6987 [HIGH] CWE-327 CVE-2020-6987: In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or l In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed.
nvd
CVE-2020-6993HIGHCVSS 7.5≤ 4.02020-03-24
CVE-2020-6993 [HIGH] CWE-200 CVE-2020-6993: In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or l In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, an attacker can gain access to sensitive information from the web service without authorization.
nvd