CVE-2021-4161

ICSA-21-357-01 Moxa MGate Protocol Gateways

CVSS 9.8 CRITICALEPSS 0.7%CWE-319

The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. This could give an attacker admin rights through the HTTP web server.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Moxa · MGate MB3180 Series Moxa · MGate MB3280 Series Moxa · MGate MB3480 Series

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.cisa.gov/uscert/ics/advisories/icsa-21-357-01