MOXA NPort IAW5000A-I/O Series

Vulnerability

The built-in web service on MOXA NPort IAW5000A-I/O firmware version 2.1 or lower does not enforce strong password requirements (CWE-521). This allows users to set weak passwords, making the device susceptible to credential guessing and brute force attacks.

Exploitation

An attacker with network access can remotely exploit this weakness by launching brute-force or dictionary attacks against the web service. Low skill level is required, as no authentication or user interaction is needed to initiate the attack.

Impact

Successful exploitation allows an attacker to gain unauthorized access to the device with the privileges of the compromised account. This could lead to session hijacking, data exposure, or further privilege escalation, as other vulnerabilities (e.g., improper privilege management) may be chained.

Mitigation

No fixed firmware version is explicitly mentioned in the available reference [1]. MOXA recommends upgrading to the latest firmware available for the NPort IAW5000A-I/O series. Until a patch is applied, enforce strong password policies through configuration and restrict network access to the web service.