Описание
An issue was discovered on Moxa AWK-3121 1.14 devices. The device by default allows HTTP traffic thus providing an insecure communication mechanism for a user connecting to the web server. This allows an attacker to sniff the traffic easily and allows an attacker to compromise sensitive data such as credentials.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Mailing ListThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:moxa:awk-3121_firmware:1.14:*:*:*:*:*:*:*
cpe:2.3:h:moxa:awk-3121:-:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00264
Низкий
8.1 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-311
Связанные уязвимости
CVSS3: 8.1
github
больше 3 лет назад
An issue was discovered on Moxa AWK-3121 1.14 devices. The device by default allows HTTP traffic thus providing an insecure communication mechanism for a user connecting to the web server. This allows an attacker to sniff the traffic easily and allows an attacker to compromise sensitive data such as credentials.
EPSS
Процентиль: 50%
0.00264
Низкий
8.1 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-311