Lucene search

CVE-2017-12121

🗓️ 14 May 2018 20:00:29Reported by talosType

cve🔗 web.nvd.nist.gov👁 44 Views🌐 WEB

Command injection vulnerability in Moxa EDR-810 V4.1 build 1703031

Reporter	Title	Published	Views	Family All 7
seebug.org	Moxa EDR-810 Web RSA Key Generation Command Injection Vulnerability(CVE-2017-12121)	16 Apr 201800:00	–	seebug
NVD	CVE-2017-12121	14 May 201820:29	–	nvd
Prion	Command injection	14 May 201820:29	–	prion
Talos	Moxa EDR-810 Web RSA Key Generation Command Injection Vulnerability	13 Apr 201800:00	–	talos
Tenable Nessus	Moxa EDR-810 Web RSA Key Generation Command Injection (CVE-2017-12121)	2 Aug 202300:00	–	nessus
Cvelist	CVE-2017-12121	14 May 201820:00	–	cvelist
Talos Blog	Vulnerability Spotlight: Multiple Vulnerabilities in Moxa EDR-810 Industrial Secure Router	13 Apr 201808:57	–	talosblog

Nvd

Vulners

Node

moxa edr-810_firmwareMatch4.1

AND

moxa edr-810Match-

[
  {
    "product": "Moxa",
    "vendor": "Talos",
    "versions": [
      {
        "status": "affected",
        "version": "Moxa EDR-810 V4.1 build 17030317"
      }
    ]
  }
]

Source	Link
talosintelligence	www.talosintelligence.com/vulnerability_reports/TALOS-2017-0473

Parameter	Position	Path	Description	CWE
rsakey_name	request body	/goform/net_WebRSAKEYGen	Command injection vulnerability allowing OS commands to be executed via crafted input.	CWE-78

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 May 2018 20:29Current

9High risk

Vulners AI Score9

CVSS29

CVSS38.8

EPSS0.00216

CWE-78