Vulnerability Description
A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and NPort W2250A versions prior to 1.11. The default password is empty on the device. An unauthorized user can access the device without a password. An unauthorized user has the ability to completely compromise the confidentiality and integrity of the wireless traffic.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Moxa | Nport W2150A Firmware | < 1.11 |
| Moxa | Nport W2150A | - |
| Moxa | Nport W2250A Firmware | < 1.11 |
| Moxa | Nport W2250A | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/102254Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-17-355-01PatchThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/102254Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-17-355-01PatchThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2017-16727?
CVE-2017-16727 is a vulnerability with a CVSS score of 9.1 (CRITICAL). A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and NPort W2250A versions prior to 1.11. The default password is empty on the device. An unauthorized user ca...
How severe is CVE-2017-16727?
CVE-2017-16727 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-16727?
Check the references section above for vendor advisories and patch information. Affected products include: Moxa Nport W2150A Firmware, Moxa Nport W2150A, Moxa Nport W2250A Firmware, Moxa Nport W2250A.