Mgate Mb3180 Firmware
CVE-2021-4161
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. This could give an attacker admin rights through the HTTP web server.
AnalysisAI
The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-319. The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. This could give an attacker admin rights through the HTTP web server. Affected products include: Moxa Mgate Mb3180 Firmware, Moxa Mgate Mb3280 Firmware, Moxa Mgate Mb3480 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Mgate Mb3180 Firmware
View allAn issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Rated high severity (CVSS 7.5), this vulnerabil
An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Rated high severity (CVSS 7.5), this vulnerabil
Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB327
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today