Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Wac\-2004_firmware
(Moxa)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-09-07 | CVE-2021-39278 | Certain MOXA devices allow reflected XSS via the Config Import menu. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3, WDR-3124A-US 2.3, and WDR-3124A-US-T 2.3. | Oncell_g3470a\-Lte\-Eu\-T_firmware, Oncell_g3470a\-Lte\-Eu_firmware, Tap\-323\-Eu\-Ct\-T_firmware, Tap\-323\-Jp\-Ct\-T_firmware, Tap\-323\-Us\-Ct\-T_firmware, Wac\-1001\-T_firmware, Wac\-1001_firmware, Wac\-2004_firmware, Wdr\-3124a\-Eu\-T_firmware, Wdr\-3124a\-Eu_firmware, Wdr\-3124a\-Us\-T_firmware, Wdr\-3124a\-Us_firmware | 6.1 | ||
| 2021-09-07 | CVE-2021-39279 | Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3, WDR-3124A-US 2.3, and WDR-3124A-US-T 2.3. | Oncell_g3470a\-Lte\-Eu\-T_firmware, Oncell_g3470a\-Lte\-Eu_firmware, Tap\-323\-Eu\-Ct\-T_firmware, Tap\-323\-Jp\-Ct\-T_firmware, Tap\-323\-Us\-Ct\-T_firmware, Wac\-1001\-T_firmware, Wac\-1001_firmware, Wac\-2004_firmware, Wdr\-3124a\-Eu\-T_firmware, Wdr\-3124a\-Eu_firmware, Wdr\-3124a\-Us\-T_firmware, Wdr\-3124a\-Us_firmware | 8.8 | ||
| 2017-02-13 | CVE-2016-8363 | An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Series, TAP-6226 Series, AWK-3121/4121 Series, AWK-3131/4131 Series, and AWK-5222/6222 Series. User is able to execute arbitrary OS commands on the server. | Awk\-1121_firmware, Awk\-1127_firmware, Awk\-1131a_firmware, Awk\-3121\-M12\-Rtg_firmware, Awk\-3131\-M12\-Rcc_firmware, Awk\-3131a_firmware, Awk\-3191_firmware, Awk\-4131a_firmware, Awk\-5232\-M12\-Rcc_firmware, Awk\-5232_firmware, Awk\-6232_firmware, Oncellg3470a\-Lte_firmware, Wac\-1001_v2_firmware, Wac\-2004_firmware | 10.0 | ||
| 2017-02-13 | CVE-2016-8362 | An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Series, TAP-6226 Series, AWK-3121/4121 Series, AWK-3131/4131 Series, and AWK-5222/6222 Series. Any user is able to download log files by accessing a specific URL. | Awk\-1121_firmware, Awk\-1127_firmware, Awk\-1131a_firmware, Awk\-3121\-M12\-Rtg_firmware, Awk\-3131\-M12\-Rcc_firmware, Awk\-3131a_firmware, Awk\-3191_firmware, Awk\-4131a_firmware, Awk\-5232\-M12\-Rcc_firmware, Awk\-5232_firmware, Awk\-6232_firmware, Oncellg3470a\-Lte_firmware, Wac\-1001_v2_firmware, Wac\-2004_firmware | 6.5 |