MOXA NPort IAW5000A-I/O Series firmware vunspecified - 4 CVEs

CVE-2021-32976

Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code.

CRITICAL CVSS 9.8 Published Apr 01, 2022

CVE-2021-32974

Improper input validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to execute commands.

CRITICAL CVSS 9.8 Published Apr 01, 2022

CVE-2021-32970

Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier, which may allow a remote attacker to cause denial-of-service conditions.

HIGH CVSS 7.5 Published Apr 01, 2022

CVE-2021-32968

Two buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O Series firmware version 2.2 or earlier may allow a remote attacker to cause a denial-of-service condition.

HIGH CVSS 7.5 Published Apr 01, 2022

Version unspecified

Known Vulnerabilities

CVE-2021-32976

CVE-2021-32974

CVE-2021-32970

CVE-2021-32968