CVE-2016-5812

Published: Aug 24, 2016Modified: May 6, 2026

3.3

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 1.8 / Impact: 1.4

Source: NVD

Description

Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use cleartext password storage, which makes it easier for local users to obtain sensitive information by reading a configuration file.

Affected (2)

Products: Moxa: Oncell G3001 Firmware, Oncell G3100v2 Firmware

Moxa

2 products

Oncell G3001 Firmware

Oncell G3100v2 Firmware

Configuration A

1 vulnerable · 4 platform

Vulnerable Software	Affected Versions
Moxa Oncell G3001 Firmware	Up to 1.6

Running on/with	Platform Versions
Moxa Oncell G3111	All versions
Moxa Oncell G3151	All versions
Moxa Oncell G3211	All versions
Moxa Oncell G3251	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Moxa Oncell G3100v2 Firmware	Up to 2.7

Running on/with	Platform Versions
Moxa Oncell G3100v2	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www.securityfocus.com/bid/92605

Source: ics-cert@hq.dhs.gov

https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01

Source: ics-cert@hq.dhs.gov

MitigationThird Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/92605

Source: af854a3a-2127-422b-91ae-364da2661108

https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationThird Party AdvisoryUS Government Resource

Timeline

No history available yet.