As of June 15, 2022, this site no longer supports Internet Explorer. Please use another browser for the best experience on our site.

Product support

Security Advisories

SUMMARY

TAP-323, WAC-1001, and WAC-2004 Series Wireless AP/Bridge/Client Vulnerabilities

  • Security Advisory ID: MPSA-210901
  • Version: V1.0
  • Release Date: Sep 01, 2021
  • Reference:

Multiple product vulnerabilities were identified in Moxa’s TAP-323 Series and WAC-1001/2004 Series Railway Wireless Controllers. In response to this, Moxa has developed related solutions to address these vulnerabilities.

The identified vulnerability types and potential impacts are shown below:

Item Vulnerability Type Impact
1 Improper Restriction of Operations Within the Bounds of a Memory Buffer
CVE-2016-2148
Heap-based buffer overflow may allow a remote attack in the DHCP client.
2 Improper Input Validation
CVE-2016-7406
Allows remote attackers to execute arbitrary code in the dropbear SSH function.
3 Multiple vulnerabilities including buffer overflow, integer overflow etc.
CVE-2012-4412, CVE-2014-5119,
CVE-2014-9402, CVE-2014-9984,
CVE-2018-6485, CVE-2015-7547
CVE-2015-0235
Vulnerabilities on outdated GNU C Library (glibc) may allow an attacker to cause different impacts remotely including denial of service and arbitrary code execution.
4 Multiple vulnerabilities including improper restriction of operations, uncontrolled resource consumption, null pointer dereference, buffer overflow, out-of-bounds write, privilege controls, cross-site-scripting etc.
CVE-2008-4609, CVE-2009-1298,
CVE-2010-1162, CVE-2010-4251,
CVE-2010-4805, CVE-2011-0709,
CVE-2011-2525, CVE-2012-0207,
CVE-2012-2136, CVE-2012-3552,
CVE-2012-6638, CVE-2012-6701,
CVE-2012-6704, CVE-2013-7470,
CVE-2014-2523, CVE-2015-1465,
CVE-2015-5364, CVE-2016-10229,
CVE-2016-3134, CVE-2016-4997,
CVE-2016-7039, CVE-2016-7117,
CVE-2016-8666, CVE-2017-1000111
CVE-2017-11176, CVE-2017-7618,
CVE-2017-8890, CVE-2019-16746,
CVE-2019-3896, CVE-2010-3848,
CVE-2012-0056, CVE-2010-2692
Vulnerabilities on outdated Linux kernel that may allow an attacker to cause different impacts remotely including denial of service, memory consumption by sending large amounts of traffic, privilege escalation, inject arbitrary commands etc.
5 Use of Hard-coded Cryptographic Key
("House of Keys" vulnerability)
Embedded devices using non-unique X.509 certificates and SSH host keys can be leveraged in impersonation, man-in-the-middle, or passive decryption attacks.
6 Multiple vulnerabilities including resource management error, buffer overflow, improper authentication, improper input validation etc.
CVE-2006-2937, CVE-2006-2940,
CVE-2006-3738, CVE-2009-3245,
CVE-2010-0742, CVE-2010-3864,
CVE-2010-4252, CVE-2012-2110,
CVE-2014-3512, CVE-2014-3567,
CVE-2014-8176, CVE-2015-0292,
CVE-2016-2108, CVE-2016-2109
Vulnerabilities on an outdated OpenSSL module that may allow an attacker to remotely perform a denial-of-service attack or execute arbitrary code etc.
7 Hardcoded password hashes
CVE-2016-8717
Use of a hard-coded cryptographic key may increase the possibility of unauthorized access.
8 Authenticated Command Injection
CVE-2021-39279
A specially crafted command can cause privilege escalation and circumvent the operating system's user access controls.
9 Reflected Cross-site scripting via manipulated config-file
CVE-2021-39278
Allows an attacker to import a malicious config file to the device through the web interface.

 

AFFECTED PRODUCTS AND SOLUTIONS

Affected Products:

The affected products and firmware versions are shown below.

Product Series Affected Versions
TAP-323 Series Firmware Version 1.3 or lower
WAC-1001 Series Firmware Version 2.1 or lower
WAC-2004 Series Firmware Version 1.6 or lower

 

Solutions:

Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for affected products are shown below.

Product Series Solutions
TAP-323 Series Please contact Moxa Technical Support for a security patch.
WAC-1001 Series Please contact Moxa Technical Support for a security patch.
WAC-2004 Series As the WAC-2004 Series has been discontinued, we recommend taking the following mitigation actions below to minimize risk:
  • Install a firewall to use with the device and restrict access to certain devices and users, and only allow authorized protocols.
  • Block anomalous or unauthorized IP traffic access.
  • Use complex passwords to reduce the risk of a brute force attack being successful.
  • Disable unused interfaces, services, and ports (e.g. DHCP, SNTP etc.)
  • Minimize network exposure, and do not allow the device to be accessible from the Internet unless it is necessary.
  • If remote access is required, use a secure method such as a virtual private network (VPN).

Acknowledgment:

We would like to express our appreciation to Thomas Weber from SEC Consult Vulnerability Lab for reporting the vulnerability, working with us to help enhance the security of our products, and helping us provide a better service to our customers..
 

Revision History:

VERSION DESCRIPTION RELEASE DATE
1.0 First Release Sep 01, 2021

Relevant Products

TAP-323 Series · WAC-1001 Series · WAC-2004 Series ·

  •   Print this page
  • You can manage and share your saved list in My Moxa
Let’s get that fixed

If you are concerned about a potential cybersecurity vulnerability, please contact us and one of technical support staff will get in touch with you.

Report a Vulnerability
Added To Bag
You have some items waiting in your bag; click here to finish your quote!
Feedback