Critical severity9.8NVD Advisory· Published Jul 15, 2016· Updated May 6, 2026

CVE-2016-5804

Description

Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value.

Affected products

Moxa/Mgate Mb3180 Firmware
cpe:2.3:o:moxa:mgate_mb3180_firmware:*:*:*:*:*:*:*:*
Range: <1.8
Moxa/Mgate Mb3280 Firmware
cpe:2.3:o:moxa:mgate_mb3280_firmware:*:*:*:*:*:*:*:*
Range: <2.7
Moxa/Mgate Mb3480 Firmware
cpe:2.3:o:moxa:mgate_mb3480_firmware:*:*:*:*:*:*:*:*
Range: <2.6
Moxa/Mgate Mb3170 Firmware
cpe:2.3:o:moxa:mgate_mb3170_firmware:*:*:*:*:*:*:*:*
Range: <2.5
Moxa/Mgate Mb3270 Firmware
cpe:2.3:o:moxa:mgate_mb3270_firmware:*:*:*:*:*:*:*:*
Range: <2.7

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/91777nvdThird Party AdvisoryVDB Entry
ics-cert.us-cert.gov/advisories/ICSA-16-196-02nvdThird Party AdvisoryUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000