CyberSec.Space Logo
Back to CVE Browser

CVE-2016-8717

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1370%
EPSS Percentile9.27th
PublishedApr 2, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged (root) account with hard-coded credentials, giving attackers full control of affected devices.

Affected Platforms (CPE)

💻
Moxa

Awk 3131a Firmware

= 1.1

References & Advisories

🔗 https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0231
🔗 https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0231

Related Vulnerabilities

CVE-2017-1445910.0

An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Ind...

CVE-2019-51389.9

An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware ...

CVE-2016-87219.1

An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Ac...

CVE-2019-51368.8

An exploitable privilege escalation vulnerability exists in the iw_console functionality of the Moxa AWK-3131A firmware version 1....