CVE-2018-10698

CWE-3113 documents3 sources
Severity
9.8CRITICAL
EPSS
0.2%
top 57.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Moxa Awk-3121 Firmware
Timeline
PublishedJun 7
Latest updateMay 24

Description

An issue was discovered on Moxa AWK-3121 1.14 devices. The device enables an unencrypted TELNET service by default. This allows an attacker who has been able to gain an MITM position to easily sniff the traffic between the device and the user. Also an attacker can easily connect to the TELNET daemon using the default credentials if they have not been changed by the user.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-xvhw-jxmj-rx78: An issue was discovered on Moxa AWK-3121 12022-05-24
CVEList
CVE-2018-10698: An issue was discovered on Moxa AWK-3121 12019-06-07
CVE-2018-10698 (CRITICAL CVSS 9.8) | An issue was discovered on Moxa AWK | cvebase.io