CVE-2016-8716

Published: Apr 12, 2017Modified: May 13, 2026

7.5

Vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.6 / Impact: 5.9

Source: NVD

Description

An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepting this traffic is able to obtain valid credentials.

Affected (1)

Products: Moxa: Awk 3131a Firmware

1 product

Awk 3131a Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Moxa Awk 3131a Firmware	Version 1.1

Running on/with	Platform Versions
Moxa Awk 3131a	All versions

Related CWEs

Weak Password Recovery Mechanism for Forgotten Password

The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.

References (2)

http://www.talosintelligence.com/reports/TALOS-2016-0230

Source: talos-cna@cisco.com

ExploitMitigationThird Party Advisory

http://www.talosintelligence.com/reports/TALOS-2016-0230

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMitigationThird Party Advisory

Timeline

No history available yet.