CVE-2017-14433

2018-05-14T16:29:00
ID CVE-2017-14433
Type cve
Reporter NVD
Modified 2018-06-15T14:56:47

Description

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the remoteNetwork0= parameter in the "/goform/net_Web_get_value" uri to trigger this vulnerability.