7 results (0.003 seconds)

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices (with firmware through 6.0), denial of service can occur via PROFINET DCE-RPC endpoint discovery packets. En los dispositivos Moxa EDS-G508E, EDS-G512E y EDS-G516E (con versión de firmware hasta 6.0), una denegación de servicio puede presentarse por medio de paquetes de descubrimiento de endpoint DCE-RPC de PROFINET . • https://www.moxa.com/en/support/support/security-advisory/eds-g508e-g512e-g516e-series-ethernet-switches-vulnerabilities •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains sensitive information in a insecure way. There is no salt for password hashing. Indeed passwords are stored without being ciphered with a timestamped ciphering method. Se ha descubierto un error en la build 16072215 de los dispositivos MOXA EDS-G512E 5.1. • http://www.securityfocus.com/bid/101966 https://www.sentryo.net/wp-content/uploads/2017/11/Switch-Moxa-Analysis.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The password encryption method can be retrieved from the firmware. This encryption method is based on a chall value that is sent in cleartext as a POST parameter. An attacker could reverse the password encryption algorithm to retrieve it. Se ha descubierto un error en la build 16072215 de los dispositivos MOXA EDS-G512E 5.1. • http://www.securityfocus.com/bid/106047 https://www.sentryo.net/wp-content/uploads/2017/11/Switch-Moxa-Analysis.pdf • CWE-326: Inadequate Encryption Strength •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. An attacker could extract public and private keys from the firmware image available on the MOXA website and could use them against a production switch that has the default keys embedded. Se ha descubierto un error en la build 16072215 de los dispositivos MOXA EDS-G512E 5.1. Un atacante podría extraer las claves públicas y privadas de la imagen de firmware disponible en el sitio web de MOXA y emplearlas contra un switch de producción que tiene embebidas las claves por defecto. • https://www.sentryo.net/wp-content/uploads/2017/11/Switch-Moxa-Analysis.pdf •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. A denial of service may occur. Se ha descubierto un error en la build 16072215 de los dispositivos MOXA EDS-G512E 5.1. Puede ocurrir una denegación de servicio. • https://www.sentryo.net/fr/sentryo-analyse-switch-industriel • CWE-20: Improper Input Validation •