CVE-2016-8717

Name of the Vulnerable Software and Affected Versions Moxa AWK-3131A Wireless Access Point version 1.1 OnCell G3470A-LTE Series (affected versions not specified) WDR-3124A Series (affected versions not specified) TAP-323 Series (affected versions not specified) WAC-1001 Series (affected versions not specified) WAC-2004 Series (affected versions not specified)

Description The issue is related to the use of hard-coded credentials in the software. This could allow a remote attacker to gain elevated privileges. The device operating system contains an undocumented, privileged account with hard-coded credentials, giving attackers full control of affected devices.

Recommendations For Moxa AWK-3131A Wireless Access Point version 1.1, consider disabling the undocumented, privileged account until a patch is available. For OnCell G3470A-LTE Series, WDR-3124A Series, TAP-323 Series, WAC-1001 Series, WAC-2004 Series, at the moment, there is no information about a newer version that contains a fix for this vulnerability.