CVE-2016-2286

7.5HIGH

Key Information:

Vendor
Moxa
Status
Miineport E2 1242 Firmware
Vendor
CVE Published:
31 May 2016

Summary

Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 have a blank default password, which allows remote attackers to obtain access via unspecified vectors.

References

http://seclists.org/fulldisclosure/2016/May/7
mailing-listx_refsource_FULLDISC
https://ics-cert.us-cert.gov/advisories/ICSA-16-145-01
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.