CVE-2020-25190

Name of the Vulnerable Software and Affected Versions MOXA NPort IAW5000A-I/O firmware versions 2.1 or lower

Description The issue concerns the storage and transmission of credentials for third-party services in cleartext by the built-in WEB server. This affects the confidentiality of the credentials, as they can be easily intercepted or accessed.

Recommendations For MOXA NPort IAW5000A-I/O firmware versions 2.1 or lower, update to a version higher than 2.1 to resolve the issue. As a temporary workaround, consider restricting access to the built-in WEB server to minimize the risk of exploitation.