PT-2016-2707 · Moxa · Moxa Oncell G3251+4

Published

2016-08-24

Updated

2016-11-28

CVE-2016-5799

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Moxa OnCell G3100V2 versions prior to 2.8 Moxa OnCell G3111 versions prior to 1.7 Moxa OnCell G3151 versions prior to 1.7 Moxa OnCell G3211 versions prior to 1.7 Moxa OnCell G3251 versions prior to 1.7

Description The issue is related to improper restriction of authentication attempts, making it easier for remote attackers to obtain access via a brute-force attack. This allows a remote attacker to gain access to the device.

Recommendations For Moxa OnCell G3100V2 versions prior to 2.8, update to version 2.8 or later. For Moxa OnCell G3111, G3151, G3211, and G3251 versions prior to 1.7, update to version 1.7 or later. As a temporary workaround, consider restricting access to the device to minimize the risk of exploitation.

Fix

Improper Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-285

Related Identifiers

BDU:2016-02101

CVE-2016-5799

Affected Products

Moxa Oncell G3100V2

Moxa Oncell G3111

Moxa Oncell G3151

Moxa Oncell G3211

Moxa Oncell G3251

PT-2016-2707 · Moxa · Moxa Oncell G3251+4

CVE-2016-5799

Weakness Enumeration

Related Identifiers

Affected Products

References · 5