Talos Intelligence TALOS-2021-1403
Feb 11, 2022 - 12:00 a.m.

Moxa MXView Series Web Application information disclosure vulnerability

2022-02-11 00:00:00
Talos Intelligence
www.talosintelligence.com

CVSS2: 5

  Attack Vector: NETWORK
  Attack Complexity: LOW
  Authentication: NONE
  Confidentiality Impact: PARTIAL
  Integrity Impact: NONE
  Availability Impact: NONE
  AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3: 7.5

  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: NONE
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: HIGH
  Integrity Impact: NONE
  Availability Impact: NONE
  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS: 0.002

  Percentile: 58.7%

Summary

An information disclosure vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. Network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to exploit this vulnerability.

Tested Versions

Moxa MXView Series 3.2.4

Product URLs

MXView Series - <https://www.moxa.com/en/products/industrial-network-infrastructure/network-management-software/mxview-series>

CVSSv3 Score

5.3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE

CWE-319 - Cleartext Transmission of Sensitive Information

Details

Moxa’s MXView network management software is designed for configuring, monitoring and diagnosing networking devices in industrial networks. MXView provides an integrated management platform that can discover networking devices and SNMP/IP devices installed on subnets. All selected network components can be managed via a web browser from both local and remote sites—anytime and anywhere.

The default installation of the MXView web application is configured to transmit credentials in cleartext. Neither the credentials nor the communication channel are encrypted, requiring administrators to explicitly disable unencrypted protocols.

Exploit Proof of Concept

The following is an example of an HTTP POST request that is sent with unencrypted credentials when logging in to the application:

POST /login HTTP/1.1
Host: <IP>
Content-Type: application/json
Content-Length: 38
Connection: close

{"username":"admin","password":"moxa"}

Mitigation

Unencrypted network communication may be disabled by:

  • unchecking the “Enable HTTP” option during installation
  • checking the “Disable HTTP Port” option in the MXView application
  • unchecking the “Enable HTTP Port” option in the MXView Configuration Tool
  • changing the “Web console protocol” settings in the web application (Preferences > Advanced > Management Interface > change HTTP to HTTPS)
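
To find hosts where HTTP is still enabled after applying these settings, a monitoring check can flag login requests of the shape shown in the proof of concept whenever they appear in reassembled cleartext traffic. The following is an added example, not code from the Talos advisory or from Moxa; the function names and sample streams are constructed for illustration, and it assumes TCP stream reassembly is done by the capture tooling.

```python
import json

# Field names come from the login request shown in the advisory.
CRED_FIELDS = {"username", "password"}

def parse_http_request(raw: bytes):
    """Split a reassembled cleartext request into (method, path, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return None  # not HTTP, e.g. a TLS record on an HTTPS-only host
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return parts[0], parts[1], headers, body

def find_cleartext_login(raw: bytes):
    """Return a finding (password omitted) if JSON credentials were sent in cleartext."""
    parsed = parse_http_request(raw)
    if parsed is None:
        return None
    method, path, headers, body = parsed
    if method != "POST" or "json" not in headers.get("content-type", "").lower():
        return None
    try:
        doc = json.loads(body.decode("utf-8"))
    except (UnicodeDecodeError, ValueError):
        return None  # truncated or non-JSON body
    if not isinstance(doc, dict) or not CRED_FIELDS.issubset(doc):
        return None
    # Record which account to rotate; never store the password itself.
    return {"host": headers.get("host", "unknown"), "path": path,
            "account": doc["username"]}

# Constructed sample streams, not captured traffic; 192.0.2.10 is a documentation address.
SAMPLE_LOGIN = (b"POST /login HTTP/1.1\r\nHost: 192.0.2.10\r\n"
                b"Content-Type: application/json\r\nContent-Length: 38\r\n"
                b"Connection: close\r\n\r\n"
                b'{"username":"admin","password":"moxa"}')
SAMPLE_TLS = b"\x16\x03\x03\x00\x05\x01\x00\x00\x01\x00"  # starts like a TLS record

if __name__ == "__main__":
    for stream in (SAMPLE_LOGIN, SAMPLE_TLS):
        print(find_cleartext_login(stream))
```

Any finding means the account's password crossed the network unencrypted and should be rotated once HTTP is disabled on that host.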

Timeline

2021-10-20 - Vendor disclosure
2022-02-11 - Public Release
