CVE-2016-5804: Weak Encryption
First published: Fri Jul 15 2016(Updated: )
Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Moxa Mgate Mb3180 Firmware | <1.8 | |
| MOXA Mgate MB3180 | ||
| Moxa Mgate Mb3280 Firmware | <2.7 | |
| Moxa Mgate Mb3280 | ||
| Moxa Mgate Mb3480 Firmware | <2.6 | |
| Moxa Mgate Mb3480 | ||
| Moxa Mgate Mb3170 Firmware | <2.5 | |
| Moxa Mgate Mb3170 | ||
| Moxa Mgate Mb3270 Firmware | <2.7 | |
| Moxa Mgate Mb3270 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- agent/event
- agent/type
- collector/mitre-cve
- source/MITRE
- vendor/moxa
- canonical/moxa mgate mb3180 firmware
- canonical/moxa mgate mb3180
- canonical/moxa mgate mb3280 firmware
- canonical/moxa mgate mb3280
- canonical/moxa mgate mb3480 firmware
- canonical/moxa mgate mb3480
- canonical/moxa mgate mb3170 firmware
- canonical/moxa mgate mb3170
- canonical/moxa mgate mb3270 firmware
- canonical/moxa mgate mb3270