// For flags

CVE-2016-8716

 

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepting this traffic is able to obtain valid credentials.

Existe una vulnerabilidad explícita para Cleartext Transmission of Password en la funcionalidad de aplicación Web del Moxa AWK-3131A Wireless Access Point que ejecuta el firmware 1.1. La funcionalidad Cambiar contraseña de la aplicación web transmite la contraseña en texto sin cifrar. Un atacante capaz de interceptar este tráfico es capaz de obtener credenciales válidas.

*Credits: N/A
CVSS Scores
Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Adjacent
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2016-10-17 CVE Reserved
  • 2017-04-12 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-640: Weak Password Recovery Mechanism for Forgotten Password
CAPEC
References (1)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Moxa
Search vendor "Moxa"
Awk-3131a Firmware
Search vendor "Moxa" for product "Awk-3131a Firmware"
1.1
Search vendor "Moxa" for product "Awk-3131a Firmware" and version "1.1"
-
Affected
in Moxa
Search vendor "Moxa"
Awk-3131a
Search vendor "Moxa" for product "Awk-3131a"
--
Safe