The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensitive information exposure.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XMoxa Mxview One
APPMoxa< 1.4.1Moxa Mxview One Central Manager
APPMoxa1.0.0
Related vulnerabilities
The vulnerability allows an attacker to craft MQTT messages that include relative path traversal sequences, en...
This vulnerability occurs when an attacker exploits a race condition between the time a file is checked and th...
There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication....
MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. This vulnerability has been report...
Moxa MiiNePort E1 has a vulnerability of insufficient access control. An unauthenticated remote user can explo...