threat
engine
.sh
Back
·
··:··
Home
/
Product
/
moxa eds 405a firmware
Product
moxa eds 405a firmware
13 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2019-6526
<= 3.8
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and E
9.8
CRITICAL
CVE-2019-6565
<= 3.8
Moxa IKS and EDS fails to properly validate user input, giving unauthenticated and authenticated attackers the ability to perform
6.1
MEDIUM
CVE-2019-6563
<= 3.8
Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's pa
9.8
CRITICAL
CVE-2019-6561
<= 3.8
Cross-site request forgery has been identified in Moxa IKS and EDS, which may allow for the execution of unauthorized actions on t
8.8
HIGH
CVE-2019-6559
<= 3.8
Moxa IKS and EDS allow remote authenticated users to cause a denial of service via a specially crafted packet, which may cause the
6.5
MEDIUM
CVE-2019-6557
<= 3.8
Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code execution.
9.8
CRITICAL
CVE-2019-6524
<= 3.8
Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attac
9.8
CRITICAL
CVE-2019-6522
<= 3.8
Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, an
9.1
CRITICAL
CVE-2019-6520
<= 3.8
Moxa IKS and EDS does not properly check authority on server side, which results in a read-only user being able to perform arbitra
7.5
HIGH
CVE-2019-6518
<= 3.8
Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by someone with access to the device.
7.5
HIGH
CVE-2015-6466
<= 3.4
Cross-site scripting (XSS) vulnerability in the Diagnosis Ping feature in the administrative web interface on Moxa EDS-405A and ED
CVE-2015-6465
<= 3.4
The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to cause
CVE-2015-6464
<= 3.4
The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin