CVE-2016-9361

critical

Published 2017-02-13 · Modified 2026-06-02

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

9.8

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v4 NEW

—

not yet in upstream

VIR risk

10.0

Description

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. Administration passwords can be retried without authenticating.

Predictions

Exploit likelihood

100%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or — if you've already worked around this in production — publish your fix to the community-verified tier.

✚ Propose a mitigation on Community → Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Exploits

Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.

Metasploit modules

auxiliary_scanner/scada/moxa_discover rank 300

Moxa UDP Device Discovery

Source code queued for fetch — refresh in a moment.

auxiliary_admin/scada/moxa_credentials_recovery rank 300

Moxa Device Credential Retrieval

Source code queued for fetch — refresh in a moment.

Application impact

Vendor	Product	Versions
moxa	nport_5110	`-`
moxa	nport_5130	`-`
moxa	nport_5150	`-`
moxa	nport_5210	`-`
moxa	nport_5230	`-`
moxa	nport_5232	`-`
moxa	nport_5232i	`-`
moxa	nport_5410	`-`
moxa	nport_5430	`-`
moxa	nport_5430i	`-`
moxa	nport_5450	`-`
moxa	nport_5450-t	`-`
moxa	nport_5450i	`-`
moxa	nport_5450i-t	`-`
moxa	nport_5610	`-`
moxa	nport_5630	`-`
moxa	nport_5650	`-`
moxa	nport_5110a	`-`
moxa	nport_5130a	`-`
moxa	nport_5150a	`-`
moxa	nport_p5110a	`-`
moxa	nport_5210a	`-`
moxa	nport_5230a	`-`
moxa	nport_5250a	`-`
moxa	nport_5150a1-m12	`-`
moxa	nport_5150a1-m12-ct	`-`
moxa	nport_5150a1-m12-ct-t	`-`
moxa	nport_5150a1-m12-t	`-`
moxa	nport_5250a1-m12	`-`
moxa	nport_5250a1-m12-ct	`-`
moxa	nport_5250a1-m12-ct-t	`-`
moxa	nport_5250a1-m12-t	`-`
moxa	nport_5450a1-m12	`-`
moxa	nport_5450a1-m12-ct	`-`
moxa	nport_5450a1-m12-ct-t	`-`
moxa	nport_5450a1-m12-t	`-`
moxa	nport_5600-8-dtl_series_firmware	`{"endIncluding":"2.3"}`
moxa	nport_5610-8-dtl	`-`
moxa	nport_5650-8-dtl	`-`
moxa	nport_5650i-8-dtl	`-`
moxa	nport_6150	`-`
moxa	nport_6150-t	`-`

References

CWEs

CWE-287 CWE-307

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.