CVE-2016-8712

An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds.
References
Link Resource
http://www.talosintelligence.com/reports/TALOS-2016-0225/ Exploit Mitigation Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:moxa:awk-3131a_firmware:1.1:*:*:*:*:*:*:*
cpe:2.3:h:moxa:awk-3131a:-:*:*:*:*:*:*:*

Information

Published : 2017-04-13 12:59

Updated : 2022-12-13 13:57


NVD link : CVE-2016-8712

Mitre link : CVE-2016-8712


JSON object : View

CWE
CWE-613

Insufficient Session Expiration

Advertisement

dedicated server usa

Products Affected

moxa

  • awk-3131a
  • awk-3131a_firmware