Vulnerabilities in MOXA
128 resultsCVE-2023-4217LOWSession cookies attribute not set properlyEPSS 0.3%CVE-2025-1977HIGHThe NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges vulnerability (CVE-2025-1977) that allows an authenEPSS 0.3%CVE-2023-1257HIGHCVE-2023-1257EPSS 0.3%CVE-2023-5627HIGHIncorrect Implementation of Authentication Algorithm VulnerabilityEPSS 0.3%CVE-2026-10828MEDIUMA format string vulnerability has been found in the "alias" parameter of the Serial Param configuration page in the NPort W2150A-W4/W2250A-WEPSS 0.3%CVE-2023-4227MEDIUMioLogik 4000 Series: Existence of an Unauthorized ServiceEPSS 0.3%CVE-2023-4228LOWioLogik 4000 Series: Session Cookies Attribute Not Set ProperlyEPSS 0.3%CVE-2026-4483HIGHAn exposed IOCTL with an insufficient access control vulnerability has been identified in the utility, MxGeneralIo, for Moxa’s industrial xEPSS 0.3%CVE-2025-1679MEDIUMCross-site Scripting has been identified in Moxa’s Ethernet switches, which allows an authenticated administrative attacker to inject maliciEPSS 0.3%CVE-2026-10831MEDIUMImproper Authorization of Break Signal Commands in DevicesEPSS 0.3%CVE-2025-0193MEDIUMStored Cross-site Scripting (XSS) Vulnerability in the MGate 5121/5122/5123 SeriesEPSS 0.3%CVE-2023-5962MEDIUMioLogik E1200 Series: Weak Cryptographic Algorithm VulnerabilityEPSS 0.3%CVE-2024-4740MEDIUMMXsecurity Use of Hard-coded CredentialsEPSS 0.3%CVE-2024-6787MEDIUMMXview One Series vulnerable to Time-of-check Time-of-use (TOCTOU) Race ConditionEPSS 0.3%CVE-2023-4929MEDIUMNPort 5000 Series Firmware Improper Validation of Integrity Check VulnerabilityEPSS 0.3%CVE-2023-6093MEDIUMOnCell G3150A-LTE Series: Clickjacking VulnerabilityEPSS 0.3%CVE-2026-10825HIGHImproper JSON Input Validation in WebSocket API Leads to Denial of ServiceEPSS 0.2%CVE-2026-3867MEDIUMAn improper ownership management vulnerability has been identified in Moxa’s Secure Router. Because of improper ownership management, a low-EPSS 0.2%CVE-2023-6094MEDIUMOnCell G3150A-LTE Series: Web Server Transmits Cleartext CredentialsEPSS 0.2%CVE-2026-0715HIGHMoxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An EPSS 0.2%