CVE-2021-42382

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvars function...

CVE-2021-42386

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function...

Use-After-Free

busybox is vulnerable to use-after-free vulnerability. A remote unauthenticated attacker could craft an awk pattern and send to the evaluate function resulting in a system hang...

Denial Of Service (DoS)

busybox is vulnerable to denial of service. The vulnerability exists because it does not properly sanitize while processing a crafted awk pattern in the clrvar function which causes an application crash...

Busybox Resource Management Error Vulnerability (CNVD-2021-88215)

BusyBox is a suite of applications containing several linux commands and tools from Ukrainian individual developer Denis Vlasenko. Busybox's awk applet is vulnerable to a resource management error that could be exploited by an attacker to execute code while processing a carefully crafted awk...

BusyBox Resource Management Error Vulnerability (CNVD-2021-88216)

BusyBox is a set of applications containing several linux commands and tools by Denis Vlasenko, a Ukrainian personal developer. A resource management error vulnerability exists in Busybox's awk applet, which can be exploited by an attacker to execute code while processing a specially crafted awk...

BusyBox Resource Management Error Vulnerability (CNVD-2021-88214)

BusyBox is a set of applications containing several linux commands and tools by Denis Vlasenko, a Ukrainian personal developer. A resource management error vulnerability exists in the Busybox awk applet, which stems from a denial of service due to "use after free" in Busybox's awk applet when...

BusyBox Resource Management Error Vulnerability (CNVD-2021-88211)

BusyBox is a set of applications containing several linux commands and tools by Denis Vlasenko, a Ukrainian personal developer. BusyBox suffers from a resource management error vulnerability that stems from a denial of service and possible code enforcement due to post-release usage in Busybox's a...

BusyBox Resource Management Error Vulnerability (CNVD-2021-88210)

BusyBox is a set of applications containing several linux commands and tools by Denis Vlasenko, a Ukrainian personal developer. A resource management error vulnerability exists in Busybox's awk applet, which can be exploited by an attacker to execute code while handling specially crafted awk...

BusyBox Resource Management Error Vulnerability (CNVD-2021-88208)

BusyBox is a set of applications containing several linux commands and tools by Denis Vlasenko, a Ukrainian personal developer. A resource management error vulnerability exists in the Busybox awk applet, which stems from a denial of service due to "use after free" in the Busybox awk applet when...

PT-2021-23608 · Busybox +3 · Busybox +3

Name of the Vulnerable Software and Affected Versions: Busybox affected versions not specified Description: A use-after-free issue in Busybox's awk applet can lead to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function. Recommendations: At...

MOXA AWK-1131A suffers from a command execution vulnerability (CNVD-2021-15569)

The Moxa AWK-1131A industrial-grade wireless AP/Client supports IEEE 802.11n technology with a data rate of up to 300Mbps. The MOXA AWK-1131A suffers from a command execution vulnerability that can be exploited by an attacker to cause malicious code to be executed...

Command Execution Vulnerability in MOXA AWK-1131A

The AWK-1131A is an industrial-grade wireless AP. A command execution vulnerability exists in the MOXA AWK-1131A, which can be exploited by an attacker to execute malicious code...

MOXA AWK-1131A Ethernet 802LLC Protocol Denial of Service Vulnerability

Moxa is a leader in industrial automation, providing complete industrial equipment connectivity, industrial computer and industrial network solutions, and is committed to promoting and practicing the Industrial Internet together. A denial of service vulnerability exists in the MOXA AWK-1131A...

Moxa AWK-3131A Cross-Site Scripting (CVE-2016-8719)

A cross-site scripting vulnerability exists in Moxa AWK-3131A. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

The vulnerability of the microprogrammed wireless access point software for Moxa AWK-3121 lies in the execution of operations beyond the buffer boundaries in memory, allowing an intruder to execute arbitrary code.

The vulnerability of the microprogrammed wireless access device for Moxa AWK-3121 lies in the fact that the operation data is stored outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the ServiceAgent component of the wireless access point software for Moxa AWK-3131A industrial systems allows a intruder to trigger a service failure.

The vulnerability of the ServiceAgent component in the wireless access point software for Moxa AWK-3131A industrial systems is related to a numerical overflow that causes an overflow of the stack-based buffer. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

The vulnerability in the settings of the iw_webs account of the Moxa AWK-3131A wireless access point’s microprogramming software allows a hacker to reset the user’s password for that account.

The vulnerability in the settings of the iwwebs account of the Moxa AWK-3131A wireless access point software-related microprogramming system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to remotely reset the user account password...

The vulnerability of the ServiceAgent component of the wireless access point software for Moxa AWK-3131A industrial systems allows a intruder to disclose protected information.

The vulnerability of the ServiceAgent component of the wireless access point software for Moxa AWK-3131A industrial systems is related to the use of pre-installed registration data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

The vulnerability of the diagnostic script of the microprogramming software for wireless access points in industrial systems, Moxa AWK-3131A, allows a intruder to execute arbitrary commands.

The vulnerability of the diagnostic script of the microprogramming software for wireless access points in Moxa AWK-3131A systems exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a malicious acto...