CVE-2016-8726

🗓️ 13 Apr 2017 19:00:00Reported by talosType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 46 Views🌐 WEB

Null pointer dereference in Moxa AWK-3131A Wireless Access Poin

Reporter	Title	Published	Views	Family All 8
Cvelist	CVE-2016-8726	13 Apr 201719:00	–	cvelist
EUVD	EUVD-2016-9565	7 Oct 202500:30	–	euvd
NVD	CVE-2016-8726	13 Apr 201719:59	–	nvd
Prion	Null pointer dereference	13 Apr 201719:59	–	prion
Positive Technologies	PT-2017-9768 · Moxa · Moxa Awk-3131A Wireless Access Point	13 Apr 201700:00	–	ptsecurity
seebug.org	Moxa AWK-3131A web_runScript Header Manipulation Denial of Service Vulnerability(CVE-2016-8726)	19 Sep 201700:00	–	seebug
Talos	Moxa AWK-3131A web_runScript Header Manipulation Denial of Service Vulnerability	10 Apr 201700:00	–	talos
Tenable Nessus	Moxa AWK-3131A web_runScript Header Manipulation Denial of Service (CVE-2016-8726)	2 Aug 202300:00	–	nessus

NVD

Vulners

Node

moxa awk-3131a_firmwareMatch1.1

AND

moxa awk-3131aMatch-

[
  {
    "product": "AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client",
    "vendor": "Moxa",
    "versions": [
      {
        "status": "affected",
        "version": "1.1"
      }
    ]
  }
]

Source	Link
talosintelligence	www.talosintelligence.com/reports/TALOS-2016-0240/

Parameter	Position	Path	Description	CWE
iw_filename	header	/forms/web_runScript	Exploitable null pointer dereference in web_runScript causing segmentation fault on crafted POST with blank line in header.	CWE-476