Talos Vulnerability Report

TALOS-2016-0225

Moxa AWK-3131A Web Application Nonce Reuse Vulnerability

April 10, 2017
CVE Number

CVE-2016-8712

Summary

An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds.

Tested Versions

Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client 1.1

Product URLs

http://www.moxa.com/product/AWK-3131A.htm

CVSSv3 Score

5.9 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

An exploitable Nonce Resume vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds. The value of a sessions token is the result of MD5(password+webNonce). With a fixed nonce, attacks against the session token to determine valid credentials are greatly simplified as the attacker now only needs to crack MD5(password).

The nonce reuse is also the basis for the way sessions are implemented: because the nonce keeps getting reused as long as the web application hasn’t been idle, the session remains valid. This introduces another problem: when logging out, the cookie containing the session token is cleared, but the session does not become invalid until the timeout has occured. This allows attackers who have been able to gain access to a session token to use it to log in even if the user has explicitly logged out. They can also keep this session token valid permanently by ensuring that the web application never goes idle, which prevents the nonce from changing.

Exploit Proof-of-Concept

The below script will grab a nonce once every 250 seconds, just under the 300 second time-out period. This will prevent the nonce from changing.

#!/usr/bin/python

import urllib2
import time

while True:
    nonce = urllib2.urlopen("http://<Device IP>/webNonce?time=").read()
    time.sleep(250)

Mitigation

To significantly mitigate risk of exploitation, disable the web application before the device is deployed.

Timeline

2016-11-14 - Vendor Disclosure
2017-04-10 - Public Release

Credit

Discovered by Patrick DeSantis of Cisco Talos.