CVE-2021-37754

Name of the Vulnerable Software and Affected Versions Moxa OnCell G3150A-LTE versions (affected versions not specified) Moxa OnCell G3470A-LTE versions (affected versions not specified) Moxa WDR-3124A versions (affected versions not specified) Moxa AWK-3131A versions (affected versions not specified) Moxa AWK-4131A versions (affected versions not specified) Moxa AWK-1131A versions (affected versions not specified) Moxa AWK-1137C versions (affected versions not specified)

Description The issue is related to insufficient restriction of authentication attempts in the firmware of certain Moxa industrial LTE modems and wireless access points. This can be exploited by a remote attacker to perform a brute force attack.

Recommendations For Moxa OnCell G3150A-LTE, consider restricting access to the device until a patch is available. For Moxa OnCell G3470A-LTE, consider implementing additional authentication measures to minimize the risk of exploitation. For Moxa WDR-3124A, restrict access to the device until a fix is provided. For Moxa AWK-3131A, AWK-4131A, AWK-1131A, and AWK-1137C, consider disabling remote access or limiting authentication attempts as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.