Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Moxa Subscribe
Filtered by product Nport W2x50a Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-19659 1 Moxa 2 Nport W2x50a, Nport W2x50a Firmware 2019-01-30 9.0 HIGH 8.8 HIGH
An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. A specially crafted HTTP POST request to /goform/net_WebPingGetValue can result in running OS commands as the root user. This is similar to CVE-2017-12120.
CVE-2018-19660 1 Moxa 2 Nport W2x50a, Nport W2x50a Firmware 2019-01-30 9.0 HIGH 8.8 HIGH
An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. A specially crafted HTTP POST request to /goform/webSettingProfileSecurity can result in running OS commands as the root user.