CVE-2016-8712

Summary

An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds.

Affected Software

VendorProductVersion RangeStatus
MoxaAWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client1.1affected

Weaknesses

  • Nonce reuse

ADP Enrichment

CVE Program Container

Additional References

References