cve/2016/CVE-2016-8712.md

### [CVE-2016-8712](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8712)
![](https://img.shields.io/static/v1?label=Product&message=AWK-3131A%20Series%20Industrial%20IEEE%20802.11a%2Fb%2Fg%2Fn%20wireless%20AP%2Fbridge%2Fclient&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Nonce%20reuse&color=brighgreen)

### Description

An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds.

### POC

#### Reference
- http://www.talosintelligence.com/reports/TALOS-2016-0225/

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2016-8712](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8712)`
			`![](https://img.shields.io/static/v1?label=Product&message=AWK-3131A%20Series%20Industrial%20IEEE%20802.11a%2Fb%2Fg%2Fn%20wireless%20AP%2Fbridge%2Fclient&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Nonce%20reuse&color=brighgreen)`

			`### Description`

			`An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds.`

			`### POC`

			`#### Reference`
			`- http://www.talosintelligence.com/reports/TALOS-2016-0225/`

			`#### Github`
			`No PoCs found on GitHub currently.`