Moxa TAP-213/TAP-323 Series Wireless AP/Bridge/Client Vulnerabilities
Multiple vulnerabilities exist in Moxa TAP-213/TAP-323 Series Wireless AP/Bridge/Client devices across all versions:

1. Command Injection (CVE-2021-37752): Arbitrary command execution via web interface
2. Authentication Bypass (CVE-2021-37753, CVE-2021-37755): Remote authentication bypass and unencrypted credential storage
3. Buffer Overflow (CVE-2021-37757): Service crash via improper input restriction
4. Information Disclosure (CVE-2021-37751): Sensitive information exposure to unauthorized users
5. Weak Brute Force Protection (CVE-2021-37754): Insufficient authentication attempt limiting
6. Cross-Site Scripting (CVE-2021-37756): HTML/JavaScript injection via web interface
7. Firmware Verification (CVE-2021-37758): Improper firmware signature verification allows malicious firmware installation

Moxa has indicated solutions are in development but no patched versions have been released.
Prerequisites:
- Network access to the web interface (HTTP/HTTPS port, typically 80/443)