CVE-2021-4161
Summary
| CVE | CVE-2021-4161 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-12-27 19:15:00 UTC |
| Updated | 2022-01-07 18:11:00 UTC |
| Description | The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. This could give an attacker admin rights through the HTTP web server. |
Risk And Classification
Problem Types: CWE-319
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Moxa | Mgate Mb3180 | - | All | All | All |
| Operating System | Moxa | Mgate Mb3180 Firmware | All | All | All | All |
| Hardware | Moxa | Mgate Mb3280 | - | All | All | All |
| Operating System | Moxa | Mgate Mb3280 Firmware | All | All | All | All |
| Hardware | Moxa | Mgate Mb3480 | - | All | All | All |
| Operating System | Moxa | Mgate Mb3480 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Moxa MGate Protocol Gateways | CISA | MISC | www.cisa.gov | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
LEGACY: Parul Sindhwad, Anurag M. Chevendra, and Dr. Faruk Kazi of CoE-CNDS Lab; VJTI; and Mumbai-INDIA reported this vulnerability to Moxa.
Legacy QID Mappings
- 591185 Moxa MGate Protocol Gateways Vulnerability (ICSA-21-357-01)