Vulnerability Details CVE-2016-5804
Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 5.0
References
Products affected by CVE-2016-5804
-
cpe:2.3:h:moxa:mgate_mb3170:-
-
cpe:2.3:h:moxa:mgate_mb3180:-
-
cpe:2.3:h:moxa:mgate_mb3270:-
-
cpe:2.3:h:moxa:mgate_mb3280:-
-
cpe:2.3:h:moxa:mgate_mb3480:-
-
cpe:2.3:o:moxa:mgate_mb3170_firmware:-
-
cpe:2.3:o:moxa:mgate_mb3170_firmware:2.4
-
cpe:2.3:o:moxa:mgate_mb3180_firmware:1.7
-
cpe:2.3:o:moxa:mgate_mb3270_firmware:-
-
cpe:2.3:o:moxa:mgate_mb3270_firmware:2.6
-
cpe:2.3:o:moxa:mgate_mb3280_firmware:2.6
-
cpe:2.3:o:moxa:mgate_mb3480_firmware:2.5