CVE-2016-0876

CWE-312Cleartext Storage of Sensitive InfoCWE-3316 documents5 sources
Severity
7.5HIGH
EPSS
0.4%
top 39.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Moxa Edr-g903 Firmware
Timeline
PublishedMay 31
Latest updateMay 13

Description

Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-mf9w-62p6-2jh9: Moxa Secure Router EDR-G903 devices before 32022-05-13
CVEList
CVE-2016-0876: Moxa Secure Router EDR-G903 devices before 32016-05-31

📋Vendor Advisories

1
Red Hat
expat: Little entropy used for hash initialization2016-06-04

💬Community

2
Bugzilla
CVE-2016-8629 keycloak: user deletion via incorrect permissions check2016-10-26
Bugzilla
CVE-2016-5300 expat: Little entropy used for hash initialization2016-06-06
CVE-2016-0876 (HIGH CVSS 7.5) | Moxa Secure Router EDR-G903 devices | cvebase.io