269 matches found
Moxa AWK-3131A Web Application Ping Command Injection Vulnerability(CVE-2016-8721)
Summary An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device...
Moxa AWK-3131A serviceAgent Information Disclosure Vulnerability(CVE-2016-8724)
Summary An exploitable information disclosure vulnerability exists in the serviceAgent functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted TCP query will allow an attacker to retrieve potentially sensitive information. Tested Versions Moxa AWK-3131A...
Moxa AWK-3131A Web Application systemlog.log Information Disclosure Vulnerability(CVE-2016-8725)
Summary An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1. Retrieving a specific URL without authentication can reveal sensitive information to an attacker. Tested Versions Moxa AWK-3131...
Moxa AWK-3131A Wireless Access Point Operating System Command Injection Vulnerability
Moxa AWK-3131A Wireless Access Point is a wireless switch from Moxa China. An operating system command injection vulnerability exists in the web application 'ping' function in Moxa AWK-3131A Wireless Access Points using firmware version 1.1. A remote attacker could exploit this vulnerability to...
Moxa AWK-3131A Wireless Access Point Information Disclosure Vulnerability (CNVD-2017-07354)
Moxa AWK-3131A Wireless Access Point is a wireless switch from Moxa, China.Web Application is one of the web application modules. An information disclosure vulnerability exists in the Web Application feature of the Moxa AWK-3131A Wireless Access Point using firmware version 1.1. An attacker can...
Moxa AWK-3131A Wireless Access Point Cross-Site Request Forgery Vulnerability
Moxa AWK-3131A Wireless Access Point is a wireless switch from Moxa China. A cross-site request forgery vulnerability exists in the Moxa AWK-3131A Wireless Access Point using firmware version 1.1. A remote attacker can exploit this vulnerability to perform unauthorized operations...
Moxa AWK-3131A Wireless Access Point Plaintext Transfer Password Vulnerability
Moxa AWK-3131A Wireless Access Point is a wireless switch from Moxa, China.Web Application is one of the web application modules. A security vulnerability exists in the Web Application feature of the Moxa AWK-3131A Wireless Access Point with firmware version 1.1, which is caused by the program...
Moxa AWK-3131A Wireless Access Point HTTP Denial of Service Vulnerability
Moxa AWK-3131A Wireless Access Point is a wireless switch from Moxa, China.Web Application is one of the web application modules. An HTTP denial of service vulnerability exists in the Web Application feature of the Moxa AWK-3131A Wireless Access Point with firmware version 1.1. An attacker can...
Moxa AWK-3131A Wireless Access Point Cross-Site Scripting Vulnerability
Moxa AWK-3131A Wireless Access Point is a wireless switch from Moxa, China.Web Application is one of the web application modules. A cross-site scripting vulnerability exists in the Web Application feature of the Moxa AWK-3131A Wireless Access Point with firmware version 1.1. A remote attacker can...
Moxa AWK-3131A Wireless Access Point Information Disclosure Vulnerability
Moxa AWK-3131A Wireless Access Point is a wireless switch from Moxa China. An information disclosure vulnerability exists in the serviceAgent feature of the Moxa AWK-3131A Wireless Access Point using firmware version 1.1. The vulnerability can be exploited to retrieve sensitive information via a...
Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability
Summary An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged root account with hard-coded credentials, giving attackers full control of affected devices...
Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability
Talos Vulnerability Report TALOS-2017-0231 Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability April 21, 2017 Report ID CVE-2016-8717 Summary An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The devic...
CVE-2016-8721
An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device. An...
CVE-2016-8721
An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device. An...
Command injection
An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device. An...
CVE-2016-8721
CVE-2016-8721 affects Moxa AWK-3131A Wireless Access Points with firmware 1.1. The vulnerability is an OS command injection in the web application’s ping function, where specially crafted input can cause arbitrary OS commands to execute on the device. Exploitation is demonstrated remotely and can...
CVE-2016-8721
An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device. An...
PT-2017-9763 · Moxa · Moxa Awk-3131A Wireless Access Point
Name of the Vulnerable Software and Affected Versions: Moxa AWK-3131A Wireless Access Points version 1.1 Description: An exploitable OS Command Injection issue exists in the web application 'ping' functionality. Specially crafted web form input can cause an OS Command Injection, resulting in...
Moxa AWK-3131A Web Application Ping Command Injection Vulnerability
Summary An exploitable OS Command Injection vulnerability exists in the web application ‘ping’ functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device...
CVE-2016-8712
An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds...