CVE-2017-16727

A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and NPort W2250A versions prior to 1.11. The default password is empty on the device. An unauthorized user can access the device without a password. An unauthorized user has the ability to completely compromise the confidentiality and integrity of the wireless traffic.
References
Link Resource
http://www.securityfocus.com/bid/102254 Third Party Advisory VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-17-355-01 Patch Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/102254 Third Party Advisory VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-17-355-01 Patch Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:moxa:nport_w2150a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_w2150a:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:moxa:nport_w2250a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_w2250a:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:16

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/102254 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/102254 - Third Party Advisory, VDB Entry
References () https://ics-cert.us-cert.gov/advisories/ICSA-17-355-01 - Patch, Third Party Advisory, US Government Resource () https://ics-cert.us-cert.gov/advisories/ICSA-17-355-01 - Patch, Third Party Advisory, US Government Resource

Information

Published : 2017-12-22 02:29

Updated : 2024-11-21 03:16


NVD link : CVE-2017-16727

Mitre link : CVE-2017-16727

CVE.ORG link : CVE-2017-16727


JSON object : View

Products Affected

moxa

  • nport_w2150a
  • nport_w2150a_firmware
  • nport_w2250a
  • nport_w2250a_firmware
CWE
CWE-255

Credentials Management Errors

CWE-521

Weak Password Requirements