An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepting this traffic is able to obtain valid credentials.
References
Link | Resource |
---|---|
http://www.talosintelligence.com/reports/TALOS-2016-0230 | Exploit Mitigation Third Party Advisory |
http://www.talosintelligence.com/reports/TALOS-2016-0230 | Exploit Mitigation Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 02:59
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.talosintelligence.com/reports/TALOS-2016-0230 - Exploit, Mitigation, Third Party Advisory |
Information
Published : 2017-04-12 19:59
Updated : 2024-11-21 02:59
NVD link : CVE-2016-8716
Mitre link : CVE-2016-8716
CVE.ORG link : CVE-2016-8716
JSON object : View
Products Affected
moxa
- awk-3131a_firmware
- awk-3131a
CWE
CWE-640
Weak Password Recovery Mechanism for Forgotten Password