Sign-up

ID

VAR-201605-0028


CVE

CVE-2016-2286


TITLE

plural Moxa MiiNePort Vulnerability of obtaining access rights in device product firmware

Trust: 0.8

sources: JVNDB: JVNDB-2016-002970

DESCRIPTION

Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 have a blank default password, which allows remote attackers to obtain access via unspecified vectors. plural Moxa MiiNePort Since the device product firmware uses an empty default password, there is a vulnerability in which access rights can be obtained.Access may be obtained by a third party. Moxa MiiNePort is an embedded device networking module designed for manufacturers to connect serial devices to a network connection. Moxa MiiNePort failed to force a password change, allowing a remote attacker to use this vulnerability to gain administrative privileges using HTTP and Telnet. Moxa MiiNePort_E2_4561, etc. There are security flaws in several Moxa products, and the flaw is caused by the programs using default blank passwords. A remote attacker could exploit this vulnerability to gain access. *Moxa MiiNePort - Multiple Vulnerabilities* Multiple vulnerabilities are present in Moxa MiiNePort. Following versions have been verified, but it is highly probable all other versions are affected as well. *About* Moxa provides a full spectrum of quality products for industrial networking, computing, and automation, and maintains a distribution and service network that reaches customers in more than 70 countries. Our products have connected over 30 million devices worldwide in a wide range of applications, including factory automation, smart rail, smart grid, intelligent transportation, oil & gas, marine, and mining. By continually improving staff expertise in a variety of technologies and markets, we aim to be the first choice for industrial automation solutions. Moxa's embedded serial-to-Ethernet device server modules are small, consume less power, and integration is easy. The MiiNePort E3 is empowered by the MiiNe, Moxa’s second generation SoC, which supports 10/100 Mbps Ethernet, up to 921.6 kbps serial baudrate, a versatile selection of ready-to-use operation modes, and requires only a small amount of power. By using Moxa’s innovative NetEZ technology, the MiiNePort E3 can be used to convert any device with a standard serial interface to an Ethernet enabled device in no time. In addition, the MiiNePort E3 is a compact embedded device server with an RJ45 connector, making it easy to fit into virtually any existing serial device. Weak Credentials Management - CVE-2016-2286 2. Sensitive information not protected - CVE-2016-2295 3. Vulnerable to Cross-Site Request Forgery - CVE-2016-2285 *Vulnerability Description* 1. *Weak Credentials Management* By default, no password is set on the device / application. The device / application does not enforce a mandatory password change mechanism, forcing users to a) set/change the password on first login, b) ensure the password meets complexity requirements, and c) change password periodically. This allows anyone to access the device over HTTP and Telnet. Access to the device provides full administrative functionality. 2. *Sensitive information not protected* Information such as Connect passwords, SNMP community strings is not protected and shown in clear-text when viewing and / or downloaded device config (HTTP / Telnet). 3. Vulnerable to Cross-Site Request Forgery There is no CSRF Token generated per page and / or per (sensitive) function. Successful exploitation of this vulnerability allows silent execution of unauthorized actions on the device such as password change, configuration parameter changes, saving modified configuration, & device reboot. +++++ -- Best Regards, Karn Ganeshen

Trust: 2.34

sources: NVD: CVE-2016-2286 // JVNDB: JVNDB-2016-002970 // CNVD: CNVD-2016-02874 // VULHUB: VHN-91105 // PACKETSTORM: 136891

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-02874

AFFECTED PRODUCTS

vendor:moxamodel:miineport e2 4561scope:eqversion:1.1

Trust: 1.0

vendor:moxamodel:miineport e1 4641scope:eqversion:1.1.10

Trust: 1.0

vendor:moxamodel:miineport e1 7080scope:eqversion:1.1.10

Trust: 1.0

vendor:moxamodel:miineport e2 1242scope:eqversion:1.1

Trust: 1.0

vendor:moxamodel:miineport e3scope:eqversion:1.0

Trust: 1.0

vendor:moxamodel:miineport e3scope: - version: -

Trust: 0.8

vendor:moxamodel:miineport e3scope:eqversion:1.0 build 11071409

Trust: 0.8

vendor:moxamodel:miineport e1 4641scope: - version: -

Trust: 0.8

vendor:moxamodel:miineport e1 4641scope:eqversion:1.1.10 build 09120714

Trust: 0.8

vendor:moxamodel:miineport e1 7080scope: - version: -

Trust: 0.8

vendor:moxamodel:miineport e1 7080scope:eqversion:1.1.10 build 09120714

Trust: 0.8

vendor:moxamodel:miineport e2 1242scope: - version: -

Trust: 0.8

vendor:moxamodel:miineport e2 1242scope:eqversion:1.1 build 10080614

Trust: 0.8

vendor:moxamodel:miineport e2 4561scope: - version: -

Trust: 0.8

vendor:moxamodel:miineport e2 4561scope:eqversion:1.1 build 10080614

Trust: 0.8

vendor:moxamodel:miineportscope: - version: -

Trust: 0.6

vendor:moxamodel:miineport e2 4561scope:eqversion: -

Trust: 0.6

vendor:moxamodel:miineport e3scope:eqversion: -

Trust: 0.6

vendor:moxamodel:miineport e1 4641scope:eqversion: -

Trust: 0.6

vendor:moxamodel:miineport e1 7080scope:eqversion: -

Trust: 0.6

vendor:moxamodel:miineport e2 1242scope:eqversion: -

Trust: 0.6

sources: CNVD: CNVD-2016-02874 // JVNDB: JVNDB-2016-002970 // CNNVD: CNNVD-201605-123 // NVD: CVE-2016-2286

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-2286
value: HIGH

Trust: 1.0

NVD: CVE-2016-2286
value: HIGH

Trust: 0.8

CNVD: CNVD-2016-02874
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201605-123
value: MEDIUM

Trust: 0.6

VULHUB: VHN-91105
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-2286
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2016-02874
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-91105
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-2286
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2016-02874 // VULHUB: VHN-91105 // JVNDB: JVNDB-2016-002970 // CNNVD: CNNVD-201605-123 // NVD: CVE-2016-2286

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.9

sources: VULHUB: VHN-91105 // JVNDB: JVNDB-2016-002970 // NVD: CVE-2016-2286

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201605-123

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201605-123

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-002970

PATCH
title:MiiNePort E3シリーズurl:http://japan.moxa.com/product/MiiNePort_E3.htm
Trust: 0.8
title:MiiNePort E1 シリーズurl:http://japan.moxa.com/product/MiiNePort_E1.htm
Trust: 0.8
title:MiiNePort E2シリーズurl:http://japan.moxa.com/product/MiiNePort_E2.htm
Trust: 0.8
title:Patch for Moxa MiiNePort permission acquisition vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/75423
Trust: 0.6
title:Moxa MiiNePort Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61446
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2016-02874 // 
            
            
            
            JVNDB: JVNDB-2016-002970 // 
            
            
            
            CNNVD: CNNVD-201605-123

EXTERNAL IDS
db:NVDid:CVE-2016-2286
Trust: 3.2
db:ICS CERTid:ICSA-16-145-01
Trust: 2.5
db:PACKETSTORMid:136891
Trust: 1.3
db:JVNDBid:JVNDB-2016-002970
Trust: 0.8
db:CNNVDid:CNNVD-201605-123
Trust: 0.7
db:CNVDid:CNVD-2016-02874
Trust: 0.6
db:VULHUBid:VHN-91105
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-02874 // 
            
            
            
            VULHUB: VHN-91105 // 
            
            
            
            JVNDB: JVNDB-2016-002970 // 
            
            
            
            PACKETSTORM: 136891 // 
            
            
            
            CNNVD: CNNVD-201605-123 // 
            
            
            
            NVD: CVE-2016-2286

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-16-145-01
Trust: 2.5
url:https://packetstormsecurity.com/files/136891/moxa-miineport-weak-credential-management-csrf.html
Trust: 1.2
url:http://seclists.org/fulldisclosure/2016/may/7
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2286
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2286
Trust: 0.8
url:http://www.moxa.com/product/miineport_e1.htm
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-2295
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-2286
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-2285
Trust: 0.1
url:http://www.moxa.com/product/miineport_e2.htm
Trust: 0.1
url:http://www.moxa.com/product/miineport_e3.htm
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-02874 // 
            
            
            
            VULHUB: VHN-91105 // 
            
            
            
            JVNDB: JVNDB-2016-002970 // 
            
            
            
            PACKETSTORM: 136891 // 
            
            
            
            CNNVD: CNNVD-201605-123 // 
            
            
            
            NVD: CVE-2016-2286

CREDITS
Karn Ganeshen
Trust: 0.1
sources:
            
            
            PACKETSTORM: 136891

SOURCES
db:CNVDid:CNVD-2016-02874
db:VULHUBid:VHN-91105
db:JVNDBid:JVNDB-2016-002970
db:PACKETSTORMid:136891
db:CNNVDid:CNNVD-201605-123
db:NVDid:CVE-2016-2286

LAST UPDATE DATE
2025-04-13T23:21:07.680000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2016-02874date:2016-05-10T00:00:00
db:VULHUBid:VHN-91105date:2016-11-30T00:00:00
db:JVNDBid:JVNDB-2016-002970date:2016-06-02T00:00:00
db:CNNVDid:CNNVD-201605-123date:2017-09-07T00:00:00
db:NVDid:CVE-2016-2286date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2016-02874date:2016-05-10T00:00:00
db:VULHUBid:VHN-91105date:2016-05-31T00:00:00
db:JVNDBid:JVNDB-2016-002970date:2016-06-02T00:00:00
db:PACKETSTORMid:136891date:2016-05-03T22:45:50
db:CNNVDid:CNNVD-201605-123date:2016-05-05T00:00:00
db:NVDid:CVE-2016-2286date:2016-05-31T01:59:05.947