The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. This could give an attacker admin rights through the HTTP web server.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-21-357-01 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
07 Jan 2022, 18:11
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
References | (MISC) https://www.cisa.gov/uscert/ics/advisories/icsa-21-357-01 - Third Party Advisory, US Government Resource | |
First Time |
Moxa
Moxa mgate Mb3480 Moxa mgate Mb3180 Moxa mgate Mb3180 Firmware Moxa mgate Mb3280 Moxa mgate Mb3480 Firmware Moxa mgate Mb3280 Firmware |
|
CPE | cpe:2.3:h:moxa:mgate_mb3180:-:*:*:*:*:*:*:* cpe:2.3:h:moxa:mgate_mb3280:-:*:*:*:*:*:*:* cpe:2.3:h:moxa:mgate_mb3480:-:*:*:*:*:*:*:* cpe:2.3:o:moxa:mgate_mb3480_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:moxa:mgate_mb3180_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:moxa:mgate_mb3280_firmware:*:*:*:*:*:*:*:* |
27 Dec 2021, 19:38
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-12-27 19:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-4161
Mitre link : CVE-2021-4161
CVE.ORG link : CVE-2021-4161
JSON object : View
Products Affected
moxa
- mgate_mb3280
- mgate_mb3480
- mgate_mb3180_firmware
- mgate_mb3280_firmware
- mgate_mb3480_firmware
- mgate_mb3180
CWE
CWE-319
Cleartext Transmission of Sensitive Information