CVE-2016-9366
9.8 CRITICALAn issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series version...
Published: 2017-02-13 · Last updated: 2026-06-02
Severity and scoring
- CVSS
- 9.8 CRITICAL
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-264, CWE-307
Affected products
| Vendor | Product |
|---|---|
| moxa | nport_5100_series_firmware, nport_5100a_series_firmware, nport_5200_series_firmware |
Description
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. An attacker can freely use brute force to determine parameters needed to bypass authentication.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2017-16715 — An Information Exposure issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 V... (8.6 HIGH)
- CVE-2016-9369 — An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series version... (9.8 CRITICAL)
- CVE-2016-9367 — An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series version... (7.5 HIGH)
- CVE-2016-9365 — An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series version... (8.8 HIGH)
- CVE-2016-9363 — An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series version... (7.3 HIGH)
Same CWE
- CVE-2026-41974 — Permission control vulnerability in service notifications (3.6 LOW)
- CVE-2026-43926 — FOSSBilling is a free, open-source billing and client management system
- CVE-2026-36612 — Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 enables WPS 2.0 by default with a weak lockout policy (60-second lockout after 1... (6.4 MEDIUM)
- CVE-2026-36607 — Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows unauthenticated brute-force attacks via the TDDP password change e... (8.8 HIGH)
- CVE-2026-10216 — A vulnerability was detected in unitedbyai droidclaw up to 0.5.3 (3.7 LOW)