Lucene search
My SeebugSSV:97227HistoryApr 16, 2018 - 12:00 a.m.
Moxa EDR-810 Plaintext Password Storage Vulnerability(CVE-2017-12127)
2018-04-1600:00:00
My Seebug
www.seebug.org
27
0.001 Low
EPSS
Percentile
25.8%
Summary
An password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4.1 build 17030317. An attacker with shell access could extract passwords in clear text from the device.
Tested Versions
Moxa EDR-810 V4.1 build 17030317
Product URLs
https://www.moxa.com/product/EDR-810.htm
CVSSv3 Score
4.4 - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE
CWE-256 - Plaintext Storage of a Password
Details
The device stores credentials in plaintext in /magicP/cfg4.0/cfg_file/USER_ACCOUNT.CFG. This file mirrors the contents of /etc/shadow, except all the passwords are in plaintext.
Exploit Proof-of-Concept
cat /magicP/cfg4.0/cfg_file/USER_ACCOUNT.CFG
Timeline
- 2017-11-15 - Vendor Disclosure
- 2017-11-19 - Vendor Acknowledged
- 2017-12-25 - Vendor provided timeline for fix (Feb 2018)
- 2018-01-04 - Timeline pushed to mid-March per vendor
- 2018-03-24 - Talos follow up with vendor for release timeline
- 2018-03-26 - Timeline pushed to 4/13/18 per vendor
- 2018-04-12 - Vendor patched & published new firmware on website
- 2018-04-13 - Public Release
Related
cvelist
cvelist
CVE-2017-12127
2018-04-13 00:00:00
nvd
nvd
CVE-2017-12127
2018-05-14 20:29:00
nessus
nessus
Moxa EDR-810 Plaintext Password Storage (CVE-2017-12127)
2023-08-02 00:00:00
talos
talos
Moxa EDR-810 Plaintext Password Storage Vulnerability
2018-04-13 00:00:00
cve
cve
CVE-2017-12127
2018-05-14 20:29:00
prion
prion
Cross site scripting
2018-05-14 20:29:00
talosblog
talosblog