Уязвимость микропрограммного обеспечения промышленных модемов OnCell G3470A-LTE Series, WDR-3124A Series, микропрограммного обеспечения мар…

CVSS

10.0

Critical

EPSS

0.00

Published

2021-01-01

Updated

2021-01-01

Description

Уязвимость микропрограммного обеспечения промышленных модемов OnCell G3470A-LTE Series, WDR-3124A Series, микропрограммного обеспечения маршрутизаторов Wi-Fi TAP-323 Series, WAC-1001 Series, WAC-2004 Series связана с использованием неуникальных сертификатов X.509 и ключей хоста SSH. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, повысить свои привилегии

Affected products

Moxa inc. Moxa oncell g3470a-lteMoxa inc. Tap-323 seriesMoxa inc. Wac-1001 seriesMoxa inc. Wac-2004 seriesMoxa inc. Wdr-3124a series

CVSS vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Timeline

2021-01-01

Published

2021-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Authentication

Au: N

None (N)

Confidentiality Impact

C: C

Complete

Integrity Impact

I: C

Complete

Availability Impact

A: C

Complete

Exploit indicators

EPSS

0.000 · p0

Known exploited (KEV)

Known exploits — Сканер-ВС

No Сканер-ВС checks registered for this vulnerability yet.

Affected products

Moxa

Tap-323 Series Moxa Oncell G3470a-lte Wdr-3124a Series Wac-1001 Series Wac-2004 Series

Product	Vendor	Status
moxa oncell g3470a-lte	moxa inc.	Tracked
tap-323 series	moxa inc.	Tracked
wac-1001 series	moxa inc.	Tracked
wac-2004 series	moxa inc.	Tracked
wdr-3124a series	moxa inc.	Tracked

Source databases

BDU

External references

https://www.moxa.com/en/support/product-support/security-advisory/tap-323-wac-1001-2004-wireless-ap-bridge-client-vulnerabilities@https://www.moxa.com/en/support/product-support/security-advisory/oncell-g3470a-wdr-3124a-cellular-gateways-router-vulnerabilities