Vulnerability DetailsThis vulnerability was identified by Patrick DeSantis of Talos.
TALOS-2016-0231 (CVE-2016-8717) is a hard-coded credential vulnerability within Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client devices. An undocumented, root-level account with hard-coded credentials exists in these devices with no mechanism to disable or remove the account permanently. An attacker could leverage this account and gain complete control of the device remotely.
The following are the hard-coded credentials:
In the event patching is not possible, it is recommended that you disable remotely-accessible services, such as SSH and Telnet.
Talos has written Snort rules to detect attempts to exploit the vulnerability. Administrators should be aware that these rules are subject to change pending new or additional information regarding this vulnerabilities. For the most current information, we recommend customers review their Defense Centers or visit Snort.org.
Snort Rule: 40758
To view this and other vulnerabilities Talos has disclosed, please visit to our Vulnerability Report Portal:
Our Vulnerability Disclosure Policy is also available here: