Moxa EDR-G9010
- <v3.21
A vulnerability has been identified in Moxa's network security appliances and routers, where a hard-coded secret key is used to sign JSON Web Tokens (JWT) for authentication. This flaw allows an unauthenticated attacker to forge valid tokens, bypass authentication controls, and impersonate any user. Exploitation can lead to complete system compromise, unauthorized access, data theft, and full administrative control over the affected device. While this vulnerability severely impacts the device's own security, it does not affect the confidentiality or integrity of any subsequent systems.
Successful exploitation allows for authentication bypass, enabling an attacker to impersonate any user and gain full administrative control over the affected device. This could lead to unauthorized access, data theft, and a complete compromise of the system.
Users are advised to update to version 3.21 or later. For the OnCell G4302-LTE4 Series, please contact Moxa Technical Support for the security patch.
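As an added illustration (not Moxa's code and not part of the original advisory), the sketch below contrasts a JWT signing key baked into firmware with one generated per device, and checks whether a token issued by one unit is accepted by another. HS256, the `Device` class and the key value are assumptions constructed for the example; the advisory does not state the algorithm or the key.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Constructed placeholder; NOT the key from any real firmware image.
FIRMWARE_KEY = b"constructed-example-key"


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def sign(claims: dict, key: bytes) -> str:
    """Build an HS256 JWT (algorithm is an assumption for this example)."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    mac = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64(mac)}"


def verify(token: str, key: bytes) -> bool:
    """Check only the signature; real verifiers also pin alg and check exp."""
    parts = token.split(".")
    if len(parts) != 3:
        return False
    mac = hmac.new(key, f"{parts[0]}.{parts[1]}".encode(), hashlib.sha256).digest()
    return hmac.compare_digest(_b64(mac).encode(), parts[2].encode())


class Device:
    """Hypothetical appliance: weak form shares one key, hardened form does not."""

    def __init__(self, per_device_key: bool):
        # Hardened: 256-bit random key created at first boot, never shipped in the image.
        self.key = secrets.token_bytes(32) if per_device_key else FIRMWARE_KEY

    def issue(self, user: str) -> str:
        return sign({"sub": user}, self.key)

    def accepts(self, token: str) -> bool:
        return verify(token, self.key)


def cross_device_acceptance(per_device_key: bool) -> bool:
    """True if a token issued by one unit is accepted by a different unit."""
    unit_a, unit_b = Device(per_device_key), Device(per_device_key)
    return unit_b.accepts(unit_a.issue("admin"))
```

With the shared firmware key, `cross_device_acceptance(False)` is true: the signature proves nothing about which party minted the token. With per-device keys it is false, which is the property a fixed build needs to restore.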