CVE-2019-9095

Name of the Vulnerable Software and Affected Versions Moxa MGate MB3170 versions prior to 4.1 Moxa MGate MB3270 versions prior to 4.1 Moxa MGate MB3280 versions prior to 3.1 Moxa MGate MB3480 versions prior to 3.1 Moxa MGate MB3660 versions prior to 2.3 Moxa MGate MB3180 versions prior to 2.1

Description An issue was discovered that allows an attacker to intercept weakly encrypted passwords, potentially gaining administrative access. The vulnerability is related to the use of an unstable cryptographic algorithm, which can be exploited by a remote attacker to gain unauthorized access to protected information using a configuration file.

Recommendations For Moxa MGate MB3170 versions prior to 4.1, update to version 4.1 or later. For Moxa MGate MB3270 versions prior to 4.1, update to version 4.1 or later. For Moxa MGate MB3280 versions prior to 3.1, update to version 3.1 or later. For Moxa MGate MB3480 versions prior to 3.1, update to version 3.1 or later. For Moxa MGate MB3660 versions prior to 2.3, update to version 2.3 or later. For Moxa MGate MB3180 versions prior to 2.1, update to version 2.1 or later.