CVE-2016-5799

Vulnerability

The affected Moxa OnCell devices do not properly restrict the number of authentication attempts, corresponding to CWE-307 (Improper Restriction of Excessive Authentication Attempts). This vulnerability affects the OnCell G3100V2 Series prior to firmware version 2.8, and the OnCell G3111, G3151, G3211, and G3251 Series prior to firmware version 1.7 [1].

Exploitation

An attacker can exploit this vulnerability remotely without any prior authentication. By sending a high volume of login requests, the attacker can perform a brute-force attack to guess valid credentials. The device does not implement rate limiting or account lockout mechanisms, allowing unlimited attempts until successful authentication is achieved [1].

Impact

Successful exploitation grants the attacker access to the device as a valid user. Depending on the privileges of the compromised account, the attacker may gain full administrative control over the cellular IP gateway, potentially leading to unauthorized access to connected serial or Ethernet devices, data exfiltration, or disruption of operations [1].

Mitigation

Moxa has released firmware updates to address this vulnerability: update OnCell G3100V2 devices to version 2.8 or later, and update OnCell G3111, G3151, G3211, and G3251 devices to version 1.7 or later [1]. No workarounds are documented in the available reference. The vulnerability is not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog as of the publication date.