CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-13699
https://notcve.org/view.php?id=CVE-2017-13699
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The password encryption method can be retrieved from the firmware. This encryption method is based on a chall value that is sent in cleartext as a POST parameter. An attacker could reverse the password encryption algorithm to retrieve it. Se ha descubierto un error en la build 16072215 de los dispositivos MOXA EDS-G512E 5.1. • http://www.securityfocus.com/bid/106047 https://www.sentryo.net/wp-content/uploads/2017/11/Switch-Moxa-Analysis.pdf • CWE-326: Inadequate Encryption Strength •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-13698
https://notcve.org/view.php?id=CVE-2017-13698
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. An attacker could extract public and private keys from the firmware image available on the MOXA website and could use them against a production switch that has the default keys embedded. Se ha descubierto un error en la build 16072215 de los dispositivos MOXA EDS-G512E 5.1. Un atacante podría extraer las claves públicas y privadas de la imagen de firmware disponible en el sitio web de MOXA y emplearlas contra un switch de producción que tiene embebidas las claves por defecto. • https://www.sentryo.net/wp-content/uploads/2017/11/Switch-Moxa-Analysis.pdf •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-13703
https://notcve.org/view.php?id=CVE-2017-13703
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. A denial of service may occur. Se ha descubierto un error en la build 16072215 de los dispositivos MOXA EDS-G512E 5.1. Puede ocurrir una denegación de servicio. • https://www.sentryo.net/fr/sentryo-analyse-switch-industriel • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-13702
https://notcve.org/view.php?id=CVE-2017-13702
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. Cookies can be stolen, manipulated, and reused. Se ha descubierto un error en la build 16072215 de los dispositivos MOXA EDS-G512E 5.1. Las cookies se pueden robar, manipular y reutilizar. • https://www.sentryo.net/fr/sentryo-analyse-switch-industriel • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-13700
https://notcve.org/view.php?id=CVE-2017-13700
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. There is XSS in the administration interface. Se ha descubierto un error en la build 16072215 de los dispositivos MOXA EDS-G512E 5.1. Existe XSS en la interfaz de administración. • https://www.sentryo.net/fr/sentryo-analyse-switch-industriel • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •