CVE-2019-9104

Vulnerability

The configuration files on Moxa MGate MB3170, MB3180, MB3270, MB3280, MB3480, and MB3660 series protocol gateways store passwords in cleartext. This affects MB3170 and MB3270 devices running firmware version 4.0 or lower, MB3280 and MB3480 devices running firmware version 3.0 or lower, MB3660 devices running firmware version 2.2 or lower, and MB3180 devices running firmware version 2.0 or lower [1][2].

Exploitation

An attacker with local access to the device or the ability to retrieve the configuration file (e.g., via another vulnerability such as information disclosure) can read the cleartext passwords [1]. No authentication is required to perform this step if the attacker already has access to the file.

Impact

Successful exploitation allows the attacker to obtain sensitive credentials (e.g., for web interface or other services) and subsequently gain unauthorized access to the device with the privileges associated with those passwords [1]. This could lead to full compromise of the device and the network segment it controls.

Mitigation

Moxa released fixed firmware versions: 4.1 for MB3170 and MB3270, 3.1 for MB3280 and MB3480, 2.3 for MB3660, and 2.1 for MB3180 [1][2]. Users should upgrade to the latest firmware. No workaround is documented; the only remediation is applying the update.