CVE-2016-8716 HIGH

CVE-2016-8716

Vendor Moxa
Product AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client
Published April 12, 2017
Last update August 6, 2024

CVSS base score

7.5/10
Attack vector Adjacent
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepting this traffic is able to obtain valid credentials.

Key dates

02Disclosure timeline

April 12, 2017 CVE published
August 6, 2024 Record updated