CVE-2016-5799

critical

Published 2016-08-24 · Modified 2026-05-06

CVSS v3

9.8

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2

10.0

VIR risk

9.8

Description

Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do not properly restrict authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.

Predictions

Exploit likelihood

97%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: ics-cert@hq.dhs.gov — https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01

References

http://www.securityfocus.com/bid/92606
https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01
http://www.securityfocus.com/bid/92606
https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01

CWEs

CWE-285

Verify integrity in audit chain (admin only). AS-IS.