|
220721
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitte…
|
CWE-352
Origin Validation Error
|
CVE-2019-4726
|
2024-11-21 13:44 |
2020-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220722
|
7.2 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device hostname can cause the device to interp…
|
CWE-287
Improper Authentication
|
CVE-2019-5165
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220723
|
8.8 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable improper access control vulnerability exists in the iw_webs account settings functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause th…
|
NVD-CWE-noinfo
|
CVE-2019-5162
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220724
|
8.8 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-5153
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220725
|
7.5 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2019-5148
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220726
|
8.8 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable format string vulnerability exists in the iw_console conio_writestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overfl…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2019-5143
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220727
|
7.2 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted entry to network configuration information can cau…
|
CWE-78
OS Command
|
CVE-2019-5142
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220728
|
8.8 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable command injection vulnerability exists in the iw_webs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted iw_serverip parameter can cause user input to be re…
|
CWE-78
OS Command
|
CVE-2019-5141
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220729
|
8.8 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file name can cause user input to …
|
CWE-78
OS Command
|
CVE-2019-5140
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220730
|
7.1 |
HIGH
Local
|
moxa
|
awk-3131a_firmware
|
An exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities of the Moxa AWK-3131A firmware version 1.13. The device operating system contains an undocumented encrypti…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-5139
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
