Talos Vulnerability Report

TALOS-2016-0230

Moxa AWK-3131A Web Application Cleartext Transmission of Password Vulnerability

April 10, 2017

Report ID

CVE-2016-8716

Summary

An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepting this traffic is able to obtain valid credentials.

Tested Versions

Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client 1.1

Product URLs

http://www.moxa.com/product/AWK-3131A.htm

CVSSv3 Score

7.5 - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. The Change Password functionality of the Web Application transmits the password in cleartext as HTTP POST parameters. An attacker capable of intercepting this traffic is able to obtain valid credentials.

Mitigation

To significantly mitigate risk of exploitation, disable the web application before the device is deployed.

Credit

Discovered by Patrick DeSantis of Cisco Talos.

Timeline

2016-11-14 - Vendor Disclosure
2017-04-10 - Public Release