Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-19660 | 1 Moxa | 2 Nport W2x50a, Nport W2x50a Firmware | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. A specially crafted HTTP POST request to /goform/webSettingProfileSecurity can result in running OS commands as the root user. | |||||
| CVE-2018-19659 | 1 Moxa | 2 Nport W2x50a, Nport W2x50a Firmware | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. A specially crafted HTTP POST request to /goform/net_WebPingGetValue can result in running OS commands as the root user. This is similar to CVE-2017-12120. | |||||