Skip to main content
Security Advisory

Moxa Multiple Vulnerabilities

Affects TAP-213 Series: v1.2 and prior, OnCell G3150A: v1.5 and prior, OnCell G3470A: v1.7 and prior, WDR-3124A: v1.3 and prior, AWK-3131A: v1.16 and prior, AWK-4131A: v1.16 and prior, AWK-1131A: v1.22 and prior, AWK-1137C: v1.6 and prior

Risk Information

affected product:

TAP-213 Series: v1.2 and prior, OnCell G3150A: v1.5 and prior, OnCell G3470A: v1.7 and prior, WDR-3124A: v1.3 and prior, AWK-3131A: v1.16 and prior, AWK-4131A: v1.16 and prior, AWK-1131A: v1.22 and prior, AWK-1137C: v1.6 and prior

Limited Threat

CVE ID

CVE-2021-37752

CVE-2021-37753

CVE-2021-37755

CVE-2021-37757

CVE-2021-37751

CVE-2021-37754

CVE-2021-37758

CVE-2021-37756

CVE-2021-37756

ID

CVE-2021-37752

Source

Dragos

Skill Level

N/A

CVSSV3 BASE / TEMPORAL SCORE

N/A

CVSSV3 vector

N/A

Affecting

  • TAP-213 Series: v1.2 and prior, OnCell G3150A: v1.5 and prior, OnCell G3470A: v1.7 and prior, WDR-3124A: v1.3 and prior, AWK-3131A: v1.16 and prior, AWK-4131A: v1.16 and prior, AWK-1131A: v1.22 and prior, AWK-1137C: v1.6 and prior

    • Vulnerability Type

    Cross-site Scripting

    Buffer Overflow

    Improper Neutralization of Special Elements used in a command

    Command Injection

    Incorrect Implementation of Authentication Algorithm

    Plaintext Storage of Password

    Improper Restriction of Operations within the Bounds of a Memory Buffer

    Observable Response Discrepancy

    Unauthorized Access

    Disclosure Timeline

    12/30/2021 - Dragos discloses issue