782 matches found
CVE-2016-8727
The CVE-2016-8727 issue affects Moxa AWK-3131A Wireless Access Point web application functionality. It describes an information-disclosure vulnerability where retrieving a series of URLs without authentication can reveal sensitive configuration and system data. The vulnerability is network-expose...
CVE-2016-8720
The CVE-2016-8720 vulnerability affects Moxa AWK-3131A Wireless Access Point (firmware 1.1). It is an HTTP Header Injection flaw where a crafted request using the bkpath parameter can cause the Location header to reflect the injected value, enabling potential redirection and related attacks. Docu...
CVE-2016-8725
An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1. Retrieving a specific URL without authentication can reveal sensitive information to an attacker...
CVE-2016-8722
An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. Retrieving a specific URL without authentication can reveal sensitive information to an attacker...
CVE-2016-8723
CVE-2016-8723 affects Moxa AWK-3131A Wireless Access Point (firmware 1.1). A null pointer dereference in the Web Application can be triggered by HTTP GET requests not starting with ‘/’, causing the web server to segfault (Denial of Service). Reported CVSS around 7.5 (HIGH). Exploitation details e...
CVE-2016-8726
Summary of CVE-2016-8726 : Affected product is the Moxa AWK-3131A Wireless Access Point (firmware 1.1). The issue is a null pointer dereference in the Web Application’s /forms/web_runScript iw_filename function. An HTTP POST containing a blank line in the header can trigger a segmentation fault i...
PT-2017-9764 · Moxa · Awk-3131A Series
Name of the Vulnerable Software and Affected Versions: Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client affected versions not specified Description: An Information Disclosure issue exists in the Web Application functionality, allowing an attacker to retrieve sensitive...
PT-2017-9766 · Moxa · Moxa Awk-3131A Wireless Access Point
Name of the Vulnerable Software and Affected Versions: Moxa AWK-3131A Wireless Access Point version 1.1 Description: An exploitable information disclosure issue exists in the serviceAgent functionality. A specially crafted TCP query will allow an attacker to retrieve potentially sensitive...
PT-2017-9755 · Moxa · Moxa Awk-3131A Wireless Ap
Name of the Vulnerable Software and Affected Versions: Moxa AWK-3131A Wireless AP version 1.1 Description: An exploitable nonce reuse vulnerability exists in the Web Application functionality. The device uses one nonce for all session authentication requests and only changes the nonce if the web...
PT-2017-9767 · Moxa · Moxa Awk-3131A
Name of the Vulnerable Software and Affected Versions: Moxa AWK-3131A wireless access point version 1.1 Description: An exploitable information disclosure issue exists in the Web Application functionality. Retrieving a specific URL without authentication can reveal sensitive information to an...
CVE-2016-8718
An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted form can trick a client into making an unintentional request to the web server which will be treated as an authenti...
Cross site scripting
An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Specially crafted input, in multiple parameters, can cause a malicious scripts to be executed by a victim...
CVE-2016-8716
An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepti...
CVE-2016-8719
An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Specially crafted input, in multiple parameters, can cause a malicious scripts to be executed by a victim...
CVE-2016-8718
An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted form can trick a client into making an unintentional request to the web server which will be treated as an authenti...
Cross site request forgery (csrf)
An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted form can trick a client into making an unintentional request to the web server which will be treated as an authenti...
CVE-2016-8716
An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepti...
CVE-2016-8719
An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Specially crafted input, in multiple parameters, can cause a malicious scripts to be executed by a victim...
Default credentials
An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepti...
CVE-2016-8716
An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepti...