CRITICAL🇬🇧 English

CVE-2016-5804

CVSS 9.8v3.1pub. 2016-07-15upd. 2026-05-06

Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Moxa Mgate Mb3170

    HW
    Moxa
    wszystkie wersje
  • Moxa Mgate Mb3170 Firmware

    OS
    Moxa
    < 2.5
  • Moxa Mgate Mb3180

    HW
    Moxa
    wszystkie wersje
  • Moxa Mgate Mb3180 Firmware

    OS
    Moxa
    < 1.8
  • Moxa Mgate Mb3270

    HW
    Moxa
    wszystkie wersje
  • Moxa Mgate Mb3270 Firmware

    OS
    Moxa
    < 2.7
  • Moxa Mgate Mb3280

    HW
    Moxa
    wszystkie wersje
  • Moxa Mgate Mb3280 Firmware

    OS
    Moxa
    < 2.7
  • Moxa Mgate Mb3480

    HW
    Moxa
    wszystkie wersje
  • Moxa Mgate Mb3480 Firmware

    OS
    Moxa
    < 2.6
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2021-4161CRITICAL9.8ten sam produkt

The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decr...

CVE-2022-27048HIGH7.4ten sam produkt

A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MIT...

CVE-2021-33823HIGH7.5ten sam produkt

An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attacker could send a huge amount of ...

CVE-2021-33824HIGH7.5ten sam produkt

An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attackers can use slowhttptest tool t...

CVE-2023-39979CRITICAL9.8ten sam vendor

There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication....

CVE-2016-5804 — CRITICAL 9.8 | CVEbaza.pl