An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepting this traffic is able to obtain valid credentials.
References
Link | Resource |
---|---|
http://www.talosintelligence.com/reports/TALOS-2016-0230 | Exploit Mitigation Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2017-04-12 19:59
Updated : 2024-02-28 15:44
NVD link : CVE-2016-8716
Mitre link : CVE-2016-8716
CVE.ORG link : CVE-2016-8716
JSON object : View
Products Affected
moxa
- awk-3131a
- awk-3131a_firmware
CWE
CWE-640
Weak Password Recovery Mechanism for Forgotten Password