Search criteria
6 vulnerabilities found for mgate_mb3170_firmware by moxa
FKIE_CVE-2022-27048
Vulnerability from fkie_nvd - Published: 2022-04-15 19:15 - Updated: 2024-11-21 06:55
Severity ?
Summary
A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 or lower. and MGate MB3480 Series Firmware Version 3.2 or lower.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3170i_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E5106D0-CF28-427B-A11F-3F69D275BDE5",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3170i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85D6AB6D-039C-45CA-BA55-9B591BB6DC7D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3170i-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94F561CA-9FDF-4302-AB58-6A93CDCB66B3",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3170i-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C7B12F0-9B40-422C-B79C-0291795CE9E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3170-m-st_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22FA7211-5B8C-4D0A-817A-5FBA83917A57",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3170-m-st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "125EFA67-8611-4D2A-959D-9CD2FDD8C47C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3170-m-sc-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "833B9876-AA90-4046-99A3-13E7B35B2F07",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3170-m-sc-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BBA3B15-A55A-4C99-A2C9-CDB28DF50C93",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3170_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68D5F21A-B810-4BC5-B54F-A5B35E45821D",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3170:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBCA36D6-849E-4F19-A9B8-3BF9F65BB325",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3170-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E877E9-2113-4608-B7D7-4AEDC1024452",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3170-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7D1E93-1761-4C56-8937-8758E68AFE52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3170-m-sc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67D912F0-2A34-449D-9054-F44F9E562B05",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3170-m-sc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D997A788-E1F6-4EF9-A9B7-3B04A7171DA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3170i-s-sc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D937FB4A-222B-4BE7-83B9-8A1A7D483CC6",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3170i-s-sc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE45F05-B34E-47D4-B63D-59BADC9B3F0F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3270i_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FDE6C4C-019E-42E2-9400-B46168B59903",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3270i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D473D424-7E2E-4C20-A703-1EAA844D1D46",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3270i-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC9878EF-BC6A-4663-9FB9-597FF27AE425",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3270i-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AED58BDD-6845-4261-8C87-55114C2E7F1E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3170i-m-sc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7991E10D-F542-4AE5-A7BC-BC7C32913139",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3170i-m-sc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A008E212-4BB0-45B0-9559-5BFE3F39A8FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3170-s-sc-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAF74966-4A7A-42CA-8B21-1037DAD722F1",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3170-s-sc-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213D9A38-A8A4-461E-80F3-091ABDF5CE49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3170i-m-sc-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "718EEE18-630C-480D-9667-352071765897",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3170i-m-sc-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1AEF455-FA00-4365-9B97-33F91A46AAB7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3270_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "179C42E1-83E2-4800-A704-D546A514F411",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C8A844A-71EB-4A4F-87BD-AA7962553B99",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3270-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C07C91DA-6E30-4321-8FE3-B7E66F6DB919",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3270-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9FBBBF5-689C-4D25-BF39-DE3DB757E355",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3170-s-sc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68C6F2E9-2096-4D07-8114-8FC595828091",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3170-s-sc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6795CC22-FEDE-4CA4-96CA-9F9A5D2CC620",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3170-m-st-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C5F880E-5D7E-4497-9B6C-CFC3529236B7",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3170-m-st-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47A4D4C5-FD34-421B-AFBA-9114E275737A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3170i-s-sc-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28B18272-6DD2-45CB-89A9-3CB7775FFB8C",
"versionEndIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3170i-s-sc-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "210BB9DF-219C-4006-A92B-EDB424E113C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3280_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7913FB-83D1-44A5-8DE0-350177265BA4",
"versionEndIncluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3280:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECB8238C-7B72-4EEB-A656-090B3E8978D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3480_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A17484F-2EE1-45FD-8341-EDB01F907AA9",
"versionEndIncluding": "3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BEC8167-9069-4DA5-9281-C43AD60CD675",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 or lower. and MGate MB3480 Series Firmware Version 3.2 or lower."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad en Moxa MGate que permite a un atacante llevar a cabo un ataque de tipo man-in-the-middle (MITM) en el dispositivo. Esto afecta a MGate MB3170 Series Firmware versiones 4.2 y anteriores. y MGate MB3270 Series Firmware versiones 4.2 y anteriores. y MGate MB3280 Series Firmware versiones 4.1 y anteriores. y MGate MB3480 Series Firmware versiones 3.2 y anteriores"
}
],
"id": "CVE-2022-27048",
"lastModified": "2024-11-21T06:55:02.147",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-15T19:15:15.747",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mgate-mb3170-mb3270-mb3280-mb3480-protocol-gateways-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mgate-mb3170-mb3270-mb3280-mb3480-protocol-gateways-vulnerability"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-5804
Vulnerability from fkie_nvd - Published: 2016-07-15 16:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/91777 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/91777 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| moxa | mgate_mb3180_firmware | * | |
| moxa | mgate_mb3180 | - | |
| moxa | mgate_mb3280_firmware | * | |
| moxa | mgate_mb3280 | - | |
| moxa | mgate_mb3480_firmware | * | |
| moxa | mgate_mb3480 | - | |
| moxa | mgate_mb3170_firmware | * | |
| moxa | mgate_mb3170 | - | |
| moxa | mgate_mb3270_firmware | * | |
| moxa | mgate_mb3270 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3180_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54BDF768-67A6-4FA7-AA9B-7A0787F550D8",
"versionEndExcluding": "1.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3180:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF77C838-FB6C-4A55-B5E5-FA4DDE11F3BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3280_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE291CE-B3AD-446E-9637-E82671D2CEB0",
"versionEndExcluding": "2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3280:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECB8238C-7B72-4EEB-A656-090B3E8978D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3480_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDB9FC92-AF70-4113-9310-A7C485A64359",
"versionEndExcluding": "2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BEC8167-9069-4DA5-9281-C43AD60CD675",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3170_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACCD3F39-7DDF-4783-AB01-438FE0A68F43",
"versionEndExcluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3170:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBCA36D6-849E-4F19-A9B8-3BF9F65BB325",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:mgate_mb3270_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B901791F-7BAE-492B-806A-9DC9DB2FF31F",
"versionEndExcluding": "2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:mgate_mb3270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C8A844A-71EB-4A4F-87BD-AA7962553B99",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value."
},
{
"lang": "es",
"value": "Moxa MGate MB3180 en versiones anteriores a 1.8, MGate MB3280 en versiones anteriores a 2.7, MGate MB3480 en versiones anteriores a 2.6, MGate MB3170 en versiones anteriores a 2.5 y MGate MB3270 en versiones anteriores a 2.7 usa encriptaci\u00f3n d\u00e9bil, lo que permite a atacantes remotos eludir autenticaci\u00f3n a trav\u00e9s de una serie de conjeturas de fuerza-bruta para un valor de par\u00e1metro."
}
],
"id": "CVE-2016-5804",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-15T16:59:14.347",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91777"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-326"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-27048 (GCVE-0-2022-27048)
Vulnerability from cvelistv5 – Published: 2022-04-15 18:10 – Updated: 2024-08-03 05:18
VLAI?
Summary
A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 or lower. and MGate MB3480 Series Firmware Version 3.2 or lower.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:18:39.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mgate-mb3170-mb3270-mb3280-mb3480-protocol-gateways-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 or lower. and MGate MB3480 Series Firmware Version 3.2 or lower."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-15T18:10:41",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mgate-mb3170-mb3270-mb3280-mb3480-protocol-gateways-vulnerability"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-27048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 or lower. and MGate MB3480 Series Firmware Version 3.2 or lower."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.moxa.com/en/support/product-support/security-advisory/mgate-mb3170-mb3270-mb3280-mb3480-protocol-gateways-vulnerability",
"refsource": "MISC",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mgate-mb3170-mb3270-mb3280-mb3480-protocol-gateways-vulnerability"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-27048",
"datePublished": "2022-04-15T18:10:41",
"dateReserved": "2022-03-14T00:00:00",
"dateUpdated": "2024-08-03T05:18:39.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5804 (GCVE-0-2016-5804)
Vulnerability from cvelistv5 – Published: 2016-07-15 16:00 – Updated: 2024-08-06 01:15
VLAI?
Summary
Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:08.955Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02"
},
{
"name": "91777",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91777"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02"
},
{
"name": "91777",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91777"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-5804",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02"
},
{
"name": "91777",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91777"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-5804",
"datePublished": "2016-07-15T16:00:00",
"dateReserved": "2016-06-23T00:00:00",
"dateUpdated": "2024-08-06T01:15:08.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27048 (GCVE-0-2022-27048)
Vulnerability from nvd – Published: 2022-04-15 18:10 – Updated: 2024-08-03 05:18
VLAI?
Summary
A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 or lower. and MGate MB3480 Series Firmware Version 3.2 or lower.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:18:39.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mgate-mb3170-mb3270-mb3280-mb3480-protocol-gateways-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 or lower. and MGate MB3480 Series Firmware Version 3.2 or lower."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-15T18:10:41",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mgate-mb3170-mb3270-mb3280-mb3480-protocol-gateways-vulnerability"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-27048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 or lower. and MGate MB3480 Series Firmware Version 3.2 or lower."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.moxa.com/en/support/product-support/security-advisory/mgate-mb3170-mb3270-mb3280-mb3480-protocol-gateways-vulnerability",
"refsource": "MISC",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mgate-mb3170-mb3270-mb3280-mb3480-protocol-gateways-vulnerability"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-27048",
"datePublished": "2022-04-15T18:10:41",
"dateReserved": "2022-03-14T00:00:00",
"dateUpdated": "2024-08-03T05:18:39.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5804 (GCVE-0-2016-5804)
Vulnerability from nvd – Published: 2016-07-15 16:00 – Updated: 2024-08-06 01:15
VLAI?
Summary
Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:08.955Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02"
},
{
"name": "91777",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91777"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02"
},
{
"name": "91777",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91777"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-5804",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02"
},
{
"name": "91777",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91777"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-5804",
"datePublished": "2016-07-15T16:00:00",
"dateReserved": "2016-06-23T00:00:00",
"dateUpdated": "2024-08-06T01:15:08.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}