CVE-2021-40390
published 2022-04-14CVE-2021-40390: An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. A specially-crafted HTTP request can lead to…
PriorityP261critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
2.35%
81.6th percentile
An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. A specially-crafted HTTP request can lead to unauthorized access. An attacker can send an HTTP request to trigger this vulnerability.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| moxa | mxview | — | — |
| moxa | mxview_series | — | — |
Detection & IOCsextracted from sources · hover to see the quote
snort↗
58459
snort↗
58460
- →Exploit is triggered by a specially crafted HTTP request requiring no prior authentication; monitor for unauthenticated HTTP requests to Moxa MXView web application endpoints. ↗
- ·Snort rules 58459 and 58460 are subject to change as additional vulnerability information becomes available; always reference the latest rule definitions from Cisco Secure Firewall Management Center or Snort.org. ↗
- ·Only Moxa MXView Series version 3.2.4 was tested and confirmed vulnerable; other versions have not been explicitly confirmed. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv3.010.0CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Talos
Vulnerability Spotlight: Vulnerabilities in Moxa MXView could allow attacker to view sensitive information, bypass login
blogs_talos·2022-02-11·CVSS 9.8
CVE-2021-40392 [CRITICAL] Vulnerability Spotlight: Vulnerabilities in Moxa MXView could allow attacker to view sensitive information, bypass login
Patrick DeSantis of Cisco Talos discovered these vulnerabilities.
Cisco Talos recently discovered two vulnerabilities in Moxa's MXview network management software that could allow an attacker to view sensitive data or bypass the need to log into the device.
MXview is designed for users to configure, monitor and diagnose networking devices connected to networks in industrial control system environments.
TALOS-2021-1403 (CVE-2021-40392) exists in MXview’s web application. An attacker could sniff traffic and gain the appropriate information to then exploit the vulnerability and view unencrypted network communication.
An attacker could also access the device without any prior authentication by exploiting TALOS-2021-1401 (CVE-2021-40390) by sending a specially crafted HTTP request to the ta
Talos
Vulnerability Spotlight: Vulnerabilities in Moxa MXView could allow attacker to view sensitive information, bypass login
blogs_talos·2022-02-11·CVSS 9.8
[CRITICAL] Vulnerability Spotlight: Vulnerabilities in Moxa MXView could allow attacker to view sensitive information, bypass login
## Vulnerability Spotlight: Vulnerabilities in Moxa MXView could allow attacker to view sensitive information, bypass login
Patrick DeSantis of Cisco Talos discovered these vulnerabilities.
Cisco Talos recently discovered two vulnerabilities in Moxa's MXview network management software that could allow an attacker to view sensitive data or bypass the need to log into the device.
MXview is designed for users to configure, monitor and diagnose networking devices connected to networks in industrial control system environments.
TALOS-2021-1403 (CVE-2021-40392) exists in MXview’s web application. An attacker could sniff traffic and gain the appropriate information to then exploit the vulnerability and view unencrypted network communication.
An attacker could also access the device without
2022-04-14
Published