The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. This could give an attacker admin rights through the HTTP web server.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-21-357-01 | Third Party Advisory US Government Resource |
https://www.cisa.gov/uscert/ics/advisories/icsa-21-357-01 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
21 Nov 2024, 06:37
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.cisa.gov/uscert/ics/advisories/icsa-21-357-01 - Third Party Advisory, US Government Resource | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 9.8 |
Information
Published : 2021-12-27 19:15
Updated : 2024-11-21 06:37
NVD link : CVE-2021-4161
Mitre link : CVE-2021-4161
CVE.ORG link : CVE-2021-4161
JSON object : View
Products Affected
moxa
- mgate_mb3180
- mgate_mb3480
- mgate_mb3280_firmware
- mgate_mb3280
- mgate_mb3180_firmware
- mgate_mb3480_firmware
CWE
CWE-319
Cleartext Transmission of Sensitive Information