Moxa MXView 2.8 allows remote attackers to read web server’s private key file, no access control.