Описание
An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds.
Ссылки
- ExploitMitigationThird Party Advisory
- ExploitMitigationThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:moxa:awk-3131a_firmware:1.1:*:*:*:*:*:*:*
cpe:2.3:h:moxa:awk-3131a:-:*:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.0038
Низкий
5.9 Medium
CVSS3
8.1 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-613
Связанные уязвимости
CVSS3: 8.1
github
больше 3 лет назад
An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds.
EPSS
Процентиль: 59%
0.0038
Низкий
5.9 Medium
CVSS3
8.1 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-613