Vulnerability CVE-2016-5804


Published: 2016-07-15

Description:
Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
MOXA -> Mgate mb3170 router firmware 
MOXA -> Mgate mb3180 router firmware 
MOXA -> Mgate mb3270 router firmware 
MOXA -> Mgate mb3280 router firmware 
MOXA -> Mgate mb3480 router firmware 

 References:
https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02

Copyright 2022, cxsecurity.com

 

Back to Top