Maxim Kozhevnikov

**Name of the Vulnerable Software and Affected Versions** Moxa MGate MB3170 versions prior to 4.1 Moxa MGate MB3180 versions prior to 2.1 Moxa MGate MB3270 versions prior to 4.1 Moxa MGate MB3280 versions prior to 3.1 Moxa MGate MB3480 versions prior to 3.1 Moxa MGate MB3660 versions prior to 2.3 **Description** An issue was discovered that allows an attacker to access sensitive information, such as conducting `username` disclosure attacks, on the built-in WEB-service without authorization. The vulnerability is related to weaknesses in the security mechanisms of the Moxa MGate devices' web server. This can enable a remote attacker to gain unauthorized access to protected information. **Recommendations** For Moxa MGate MB3170 versions prior to 4.1, update to version 4.1 or later. For Moxa MGate MB3180 versions prior to 2.1, update to version 2.1 or later. For Moxa MGate MB3270 versions prior to 4.1, update to version 4.1 or later. For Moxa MGate MB3280 versions prior to 3.1, update to version 3.1 or later. For Moxa MGate MB3480 versions prior to 3.1, update to version 3.1 or later. For Moxa MGate MB3660 versions prior to 2.3, update to version 2.3 or later. As a temporary workaround, consider restricting access to the built-in WEB-service until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Moxa MGate MB3170 versions prior to 4.1 Moxa MGate MB3180 versions prior to 2.1 Moxa MGate MB3270 versions prior to 4.1 Moxa MGate MB3280 versions prior to 3.1 Moxa MGate MB3480 versions prior to 3.1 Moxa MGate MB3660 versions prior to 2.3 **Description** The issue is related to a predictable token generation mechanism in the embedded web server of Moxa MGate devices. This allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism, potentially enabling them to perform arbitrary actions on the vulnerable device. The exploitation of this issue can lead to the execution of unauthorized actions on the device through cross-site request forgery. **Recommendations** For Moxa MGate MB3170 versions prior to 4.1, update to version 4.1 or later. For Moxa MGate MB3180 versions prior to 2.1, update to version 2.1 or later. For Moxa MGate MB3270 versions prior to 4.1, update to version 4.1 or later. For Moxa MGate MB3280 versions prior to 3.1, update to version 3.1 or later. For Moxa MGate MB3480 versions prior to 3.1, update to version 3.1 or later. For Moxa MGate MB3660 versions prior to 2.3, update to version 2.3 or later.

**Name of the Vulnerable Software and Affected Versions** Moxa MGate MB3170 versions prior to 4.1 Moxa MGate MB3180 versions prior to 2.1 Moxa MGate MB3270 versions prior to 4.1 Moxa MGate MB3280 versions prior to 3.1 Moxa MGate MB3480 versions prior to 3.1 Moxa MGate MB3660 versions prior to 2.3 **Description** The issue is related to a buffer overflow in the built-in web server of Moxa MGate devices when handling input data in the `MD5Password` parameter. This can allow a remote attacker to execute arbitrary code or cause a denial of service using a specially crafted packet. The buffer overflow occurs in the stack, enabling potential code execution or disruption of service. **Recommendations** For Moxa MGate MB3170 versions prior to 4.1, update to version 4.1 or later. For Moxa MGate MB3180 versions prior to 2.1, update to version 2.1 or later. For Moxa MGate MB3270 versions prior to 4.1, update to version 4.1 or later. For Moxa MGate MB3280 versions prior to 3.1, update to version 3.1 or later. For Moxa MGate MB3480 versions prior to 3.1, update to version 3.1 or later. For Moxa MGate MB3660 versions prior to 2.3, update to version 2.3 or later. As a temporary workaround, consider restricting access to the built-in web server to minimize the risk of exploitation. Avoid using the `MD5Password` parameter in the affected web server until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Moxa MGate MB3170 versions prior to 4.1 Moxa MGate MB3180 versions prior to 2.1 Moxa MGate MB3270 versions prior to 4.1 Moxa MGate MB3280 versions prior to 3.1 Moxa MGate MB3480 versions prior to 3.1 Moxa MGate MB3660 versions prior to 2.3 **Description** The issue is related to an integer overflow in the built-in web server of Moxa MGate devices, which allows remote attackers to initiate a denial of service (DoS). The vulnerability is also associated with a buffer overflow in the stack when processing input data in the `Content-Length` parameter, potentially allowing an attacker to execute arbitrary code or cause a denial of service using a specially crafted packet. **Recommendations** For Moxa MGate MB3170 versions prior to 4.1, update to version 4.1 or later. For Moxa MGate MB3180 versions prior to 2.1, update to version 2.1 or later. For Moxa MGate MB3270 versions prior to 4.1, update to version 4.1 or later. For Moxa MGate MB3280 versions prior to 3.1, update to version 3.1 or later. For Moxa MGate MB3480 versions prior to 3.1, update to version 3.1 or later. For Moxa MGate MB3660 versions prior to 2.3, update to version 2.3 or later. As a temporary workaround, consider disabling the built-in web server until a patch is available. Restrict access to the vulnerable devices to minimize the risk of exploitation. Avoid using the `Content-Length` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Moxa MGate MB3170 versions prior to 4.1 Moxa MGate MB3180 versions prior to 2.1 Moxa MGate MB3270 versions prior to 4.1 Moxa MGate MB3280 versions prior to 3.1 Moxa MGate MB3480 versions prior to 3.1 Moxa MGate MB3660 versions prior to 2.3 **Description** The issue is related to an uncontrolled resource consumption in the Moxa MGate protocol converters. A high rate of transit traffic may cause a low-memory condition, leading to a denial of service. This can be exploited by a remote attacker using a specially crafted packet. **Recommendations** For Moxa MGate MB3170 versions prior to 4.1, update to version 4.1 or later to resolve the issue. For Moxa MGate MB3180 versions prior to 2.1, update to version 2.1 or later to resolve the issue. For Moxa MGate MB3270 versions prior to 4.1, update to version 4.1 or later to resolve the issue. For Moxa MGate MB3280 versions prior to 3.1, update to version 3.1 or later to resolve the issue. For Moxa MGate MB3480 versions prior to 3.1, update to version 3.1 or later to resolve the issue. For Moxa MGate MB3660 versions prior to 2.3, update to version 2.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Moxa MGate MB3170 versions prior to 4.1 Moxa MGate MB3180 versions prior to 2.1 Moxa MGate MB3270 versions prior to 4.1 Moxa MGate MB3280 versions prior to 3.1 Moxa MGate MB3480 versions prior to 3.1 Moxa MGate MB3660 versions prior to 2.3 **Description** The issue is related to insufficient password requirements for the MGate web application, which may allow an attacker to gain access by brute-forcing account passwords. This can enable a remote attacker to gain full access to the system by directly guessing the credentials. **Recommendations** For Moxa MGate MB3170 versions prior to 4.1, update to version 4.1 or later. For Moxa MGate MB3180 versions prior to 2.1, update to version 2.1 or later. For Moxa MGate MB3270 versions prior to 4.1, update to version 4.1 or later. For Moxa MGate MB3280 versions prior to 3.1, update to version 3.1 or later. For Moxa MGate MB3480 versions prior to 3.1, update to version 3.1 or later. For Moxa MGate MB3660 versions prior to 2.3, update to version 2.3 or later.

**Name of the Vulnerable Software and Affected Versions** Moxa MGate MB3170 versions prior to 4.1 Moxa MGate MB3270 versions prior to 4.1 Moxa MGate MB3280 versions prior to 3.1 Moxa MGate MB3480 versions prior to 3.1 Moxa MGate MB3660 versions prior to 2.3 Moxa MGate MB3180 versions prior to 2.1 **Description** The application's configuration file contains parameters that represent passwords in cleartext, allowing an attacker to gain unauthorized access to protected information using a specially crafted configuration file. This issue is related to the unencrypted storage of confidential information. **Recommendations** For Moxa MGate MB3170 versions prior to 4.1, update to version 4.1 or later to resolve the issue. For Moxa MGate MB3270 versions prior to 4.1, update to version 4.1 or later to resolve the issue. For Moxa MGate MB3280 versions prior to 3.1, update to version 3.1 or later to resolve the issue. For Moxa MGate MB3480 versions prior to 3.1, update to version 3.1 or later to resolve the issue. For Moxa MGate MB3660 versions prior to 2.3, update to version 2.3 or later to resolve the issue. For Moxa MGate MB3180 versions prior to 2.1, update to version 2.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the configuration file to minimize the risk of exploitation.