A product vulnerability was identified in Moxa’s MGate MB3000 Series, MGate 5100 Series, and MGate W5000 Series Protocol Gateway. In response to this, Moxa has developed related solutions to address these vulnerabilities.
The identified vulnerability types and potential impacts are shown below:
||Authorization bypass (CWE-287), CVE-2016-5804
||An attacker could use brute force to find a static Call ID from a cookie and bypass the authentication.