Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.14 views

Moxa NPort W2x50A Authenticated OS Command Injection in Web Server Ping Functionality (CVE-2018-19659)

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build18082311. A specially crafted HTTP POST request to /goform/netWebPingGetValue can result in running OS commands as the root user. This is...

9CVSS7.8AI score0.0427EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.14 views

Moxa NPort W2x50A Authenticated OS Command Injection in Web Server WLAN Profile Properties Functionality (CVE-2018-19660)

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build18082311. A specially crafted HTTP POST request to /goform/webSettingProfileSecurity can result in running OS commands as the root user...

9CVSS8AI score0.30868EPSS
Exploits3References3
CNVD
CNVD
added 2018/12/10 12:0 a.m.3 views

Moxa NPort W2x50A Operating System Command Injection Vulnerability

Moxa NPort W2x50A is a Moxa serial communication server for connecting industrial serial devices to a network. An operating system command injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware prior to version 2.2 Build18082311. An attacker can...

9CVSS7.8AI score0.30868EPSS
Exploits3References1
NVD
NVD
added 2018/12/06 11:29 p.m.19 views

CVE-2018-19660

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build18082311. A specially crafted HTTP POST request to /goform/webSettingProfileSecurity can result in running OS commands as the root user...

9CVSS8.7AI score0.30868EPSS
Exploits3References2
OSV
OSV
added 2018/12/06 11:29 p.m.2 views

CVE-2018-19660

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build18082311. A specially crafted HTTP POST request to /goform/webSettingProfileSecurity can result in running OS commands as the root user...

8.8CVSS5.9AI score0.30868EPSS
Exploits3References2
NVD
NVD
added 2018/12/06 11:29 p.m.20 views

CVE-2018-19659

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build18082311. A specially crafted HTTP POST request to /goform/netWebPingGetValue can result in running OS commands as the root user. This is...

9CVSS8.7AI score0.0427EPSS
Exploits3References2
OSV
OSV
added 2018/12/06 11:29 p.m.2 views

CVE-2018-19659

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build18082311. A specially crafted HTTP POST request to /goform/netWebPingGetValue can result in running OS commands as the root user. This is...

8.8CVSS5.8AI score0.0427EPSS
Exploits3References2
Prion
Prion
added 2018/12/06 11:29 p.m.14 views

Command injection

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build18082311. A specially crafted HTTP POST request to /goform/webSettingProfileSecurity can result in running OS commands as the root user...

9CVSS8.5AI score0.30868EPSS
Exploits3References2Affected Software1
Prion
Prion
added 2018/12/06 11:29 p.m.20 views

Command injection

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build18082311. A specially crafted HTTP POST request to /goform/netWebPingGetValue can result in running OS commands as the root user. This is...

9CVSS8.5AI score0.04328EPSS
Exploits5References2Affected Software1
CVE
CVE
added 2018/12/06 11:0 p.m.41 views

CVE-2018-19659

CVE-2018-19659 affects Moxa NPort W2x50A series where firmware prior to 2.2 Build_18082311 exposes an authenticated OS command injection in the web server ping function. A crafted HTTP POST to /goform/net_WebPingGetValue allows running OS commands as root, with authentication required. Impact is ...

9CVSS8.5AI score0.0427EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2018/12/06 11:0 p.m.29 views

CVE-2018-19660

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build18082311. A specially crafted HTTP POST request to /goform/webSettingProfileSecurity can result in running OS commands as the root user...

8.7AI score0.30868EPSS
Exploits3References2
CVE
CVE
added 2018/12/06 11:0 p.m.45 views

CVE-2018-19660

CVE-2018-19660 affects Moxa NPort W2x50A devices with firmware prior to 2.2 Build_18082311. The vulnerability resides in the web server functionality and stems from an authenticated OS command injection via a specially crafted HTTP POST to /goform/webSettingProfileSecurity, potentially allowing r...

9CVSS8.5AI score0.30868EPSS
Exploits3References2Affected Software1
CNVD
CNVD
added 2018/12/04 12:0 a.m.3 views

Moxa NPort W2x50A Operating System Command Injection Vulnerability

Moxa NPort W2x50A is a Moxa serial communication server for connecting industrial serial devices to the network. An operating system command injection vulnerability exists in the web server ping feature in Moxa NPort W2x50A products with firmware prior to version 2.2 Build18082311. An attacker ca...

9CVSS9.1AI score0.0427EPSS
Exploits3References1
0day.today
0day.today
added 2018/12/01 12:0 a.m.65 views

Moxa NPort W2x50A 2.1 OS Command Injection Vulnerability

Moxa NPort W2x50A products with firmware version 2.1 Build17112017 or lower are vulnerable to several authenticated OS command injection vulnerabilities. Moxa NPort W2x50A products with firmware version 2.1 Build17112017 or lower are vulnerable to several authenticated OS Command Injection...

9CVSS0.30868EPSS
Exploits6
Packet Storm
Packet Storm
added 2018/11/29 12:0 a.m.54 views

Moxa NPort W2x50A 2.1 OS Command Injection

Moxa NPort W2x50A products with firmware version 2.1 Build17112017 or lower are vulnerable to several authenticated OS Command Injection vulnerabilities: 1 Authenticated OS Command Injection in web server ping functionality Reserverd CVE ID: CVE-2018-19659 A specially crafted HTTP POST request to...

9CVSS8.7AI score0.30868EPSS
Exploits6
Rows per page
Query Builder