CVE-2016-8717
 
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged (root) account with hard-coded credentials, giving attackers full control of affected devices.
Existe una vulnerabilidad explotable de uso de credenciales embebidas en los puntos de acceso inalámbrico Moxa AWK-3131A que ejecuten la versión 1.1 del firmware. El sistema operativo del dispositivo contiene una cuenta privilegiada (root) y sin documentar con credenciales embebidas, lo que da a los atacantes el control total de los dispositivos afectados.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-10-17 CVE Reserved
- 2018-04-02 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-798: Use of Hard-coded Credentials
CAPEC
References (1)
URL | Tag | Source |
---|---|---|
https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0231 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Moxa Search vendor "Moxa" | Awk-3131a Firmware Search vendor "Moxa" for product "Awk-3131a Firmware" | 1.1 Search vendor "Moxa" for product "Awk-3131a Firmware" and version "1.1" | - |
Affected
| in | Moxa Search vendor "Moxa" | Awk-3131a Search vendor "Moxa" for product "Awk-3131a" | - | - |
Safe
|