CVE-2017-16727

A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and NPort W2250A versions prior to 1.11. The default password is empty on the device. An unauthorized user can access the device without a password. An unauthorized user has the ability to completely compromise the confidentiality and integrity of the wireless traffic.
References
Link Resource
http://www.securityfocus.com/bid/102254 Third Party Advisory VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-17-355-01 Patch Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:moxa:nport_w2150a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_w2150a:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:moxa:nport_w2250a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_w2250a:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-12-22 02:29

Updated : 2024-02-28 16:04


NVD link : CVE-2017-16727

Mitre link : CVE-2017-16727

CVE.ORG link : CVE-2017-16727


JSON object : View

Products Affected

moxa

  • nport_w2250a
  • nport_w2150a
  • nport_w2150a_firmware
  • nport_w2250a_firmware
CWE
CWE-521

Weak Password Requirements

CWE-255

Credentials Management Errors