CVE-2017-7915

Name of the Vulnerable Software and Affected Versions Moxa OnCell G3110-HSPA versions 1.3 build 15082117 and previous versions Moxa OnCell G3110-HSDPA versions 1.2 Build 09123015 and previous versions Moxa OnCell G3150-HSDPA versions 1.4 Build 11051315 and previous versions Moxa OnCell 5104-HSDPA (affected versions not specified) Moxa OnCell 5104-HSPA (affected versions not specified) Moxa OnCell 5004-HSPA (affected versions not specified)

Description An issue with improper restriction of excessive authentication attempts was found, allowing an attacker to use brute force to determine parameters needed to bypass authentication.

Recommendations For Moxa OnCell G3110-HSPA versions 1.3 build 15082117 and previous versions, consider restricting access to the authentication mechanism to minimize the risk of exploitation. For Moxa OnCell G3110-HSDPA versions 1.2 Build 09123015 and previous versions, consider implementing rate limiting on authentication attempts as a temporary workaround. For Moxa OnCell G3150-HSDPA versions 1.4 Build 11051315 and previous versions, restrict access to the vulnerable authentication component until a fix is available. For Moxa OnCell 5104-HSDPA, OnCell 5104-HSPA, and OnCell 5004-HSPA, at the moment, there is no information about a newer version that contains a fix for this vulnerability.