Lucene search
PRIOn knowledge basePRION:CVE-2017-14459HistoryApr 11, 2018 - 4:29 p.m.
Command injection
2018-04-1116:29:00
PRIOn knowledge base
www.prio-n.com
3
An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 to 1.7 (current). An attacker can inject commands via the username parameter of several services (SSH, Telnet, console), resulting in remote, unauthenticated, root-level operating system command execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| awk-3131a_firmware | eq | 1.4 | |
| awk-3131a_firmware | eq | 1.5 | |
| awk-3131a_firmware | eq | 1.6 | |
| awk-3131a_firmware | eq | 1.7 |
Related
talosblog
talosblog
talos
talos
nvd
nvd
CVE-2017-14459
2018-04-11 16:29:00
cve
cve
CVE-2017-14459
2018-04-13 00:00:00
cvelist
cvelist
CVE-2017-14459
2018-04-13 00:00:00
zdt
zdt
Moxa AWK-3131A 1.4 < 1.7 - Username OS Command Injection Exploit
2018-04-04 00:00:00
nessus
nessus
Moxa AWK OS Command Injection (CVE-2017-14459)
2023-08-02 00:00:00