CVE-2017-12123
First published: Mon May 14 2018(Updated: )
An exploitable clear text transmission of password vulnerability exists in the web server and telnet functionality of Moxa EDR-810 V4.1 build 17030317. An attacker can look at network traffic to get the admin password for the device. The attacker can then use the credentials to login as admin.
Credit: talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Moxa Edr-810 Firmware | =4.1 | |
| Moxa EDR-810 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2017-12123?
CVE-2017-12123 is considered a high severity vulnerability due to the exploitation potential that allows attackers to capture clear text passwords.
How do I fix CVE-2017-12123?
To fix CVE-2017-12123, update the Moxa EDR-810 firmware to a version that addresses this vulnerability.
Who is affected by CVE-2017-12123?
CVE-2017-12123 affects devices running Moxa EDR-810 firmware version 4.1.
What type of attacks can occur due to CVE-2017-12123?
CVE-2017-12123 can lead to unauthorized access as attackers can capture and use the admin password during transmission.
Is there a workaround for CVE-2017-12123?
A workaround for CVE-2017-12123 includes disabling telnet access and using secure protocols for remote access.
- collector/nvd-index
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/tags
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- vendor/moxa
- canonical/moxa edr-810 firmware
- version/moxa edr-810 firmware/4.1
- canonical/moxa edr-810