CVE-2016-8716

CVSS 7.5 HIGHEPSS 0.8%

An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepting this traffic is able to obtain valid credentials.

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Moxa · AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://www.talosintelligence.com/reports/TALOS-2016-0230