CVE-2018-10694

CWE-3113 documents3 sources
Severity
8.1HIGH
EPSS
0.1%
top 69.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Moxa Awk-3121 Firmware
Timeline
PublishedJun 7
Latest updateMay 24

Description

An issue was discovered on Moxa AWK-3121 1.14 devices. The device provides a Wi-Fi connection that is open and does not use any encryption mechanism by default. An administrator who uses the open wireless connection to set up the device can allow an attacker to sniff the traffic passing between the user's computer and the device. This can allow an attacker to steal the credentials passing over the HTTP connection as well as TELNET traffic. Also an attacker can MITM the response and infect a user

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-wp8r-cvvg-9jf3: An issue was discovered on Moxa AWK-3121 12022-05-24
CVEList
CVE-2018-10694: An issue was discovered on Moxa AWK-3121 12019-06-07
CVE-2018-10694 (HIGH CVSS 8.1) | An issue was discovered on Moxa AWK | cvebase.io