CVE-2020-25194

Name of the Vulnerable Software and Affected Versions MOXA NPort IAW5000A-I/O firmware versions 2.1 or lower

Description The issue concerns improper privilege management in the built-in WEB server, potentially allowing an attacker with user privileges to perform requests with administrative privileges.

Recommendations For MOXA NPort IAW5000A-I/O firmware versions 2.1 or lower, consider restricting access to the built-in WEB server until a fix is available, and limit user privileges to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.