782 matches found
CVE-2016-8719
An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Specially crafted input, in multiple parameters, can cause a malicious scripts to be executed by a victim...
CVE-2016-8718
CVE-2016-8718 affects the Moxa AWK-3131A Wireless Access Point (firmware 1.1). The vulnerability is a Cross-Site Request Forgery (CSRF) in the device’s Web Application, where a specially crafted form can trigger an action on behalf of an authenticated user without their awareness. Exploitation ca...
CVE-2016-8719
The CVE-2016-8719 entry concerns a reflected Cross‑Site Scripting (XSS) vulnerability in the Web Application of the Moxa AWK-3131A Wireless Access Point (firmware 1.1). Multiple input parameters in the web UI can be injected with malicious scripts, which can be executed in a victim’s browser. Rep...
CVE-2016-8718
An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted form can trick a client into making an unintentional request to the web server which will be treated as an authenti...
CVE-2016-8716
CVE-2016-8716 affects Moxa AWK-3131A Wireless Access Point (firmware 1.1). The Web Application Change Password function transmits the password in cleartext, enabling an attacker who can intercept traffic to obtain valid credentials. Documents from multiple sources (Talos, Tenable plugin, Seebug, ...
Moxa AWK Series asqc.asp Information Disclosure Vulnerability
Moxa AWK series wireless access points are prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
PT-2017-9760 · Moxa · Moxa Awk-3131A Wireless Access Point
Name of the Vulnerable Software and Affected Versions: Moxa AWK-3131A Wireless Access Point version 1.1 Description: A Cross-Site Request Forgery issue exists in the Web Application functionality. It allows a specially crafted form to trick a client into making an unintentional request to the web...
PT-2017-9759 · Moxa · Moxa Awk-3131A Wireless Access Point
Name of the Vulnerable Software and Affected Versions: Moxa AWK-3131A Wireless Access Point version 1.1 Description: A Cleartext Transmission of Password issue exists in the Web Application functionality. The Change Password functionality transmits the password in cleartext, allowing an attacker...
Moxa AWK Series Systemlog Information Disclosure Vulnerability
Moxa AWK series wireless access points are prone to a systemlog.log information disclosure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Moxa AWK Series serviceAgent Information Disclosure Vulnerability
Moxa AWK series wireless access points are prone to an information disclosure vulnerability in the serviceAgent. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Moxa AWK-3131A HTTP GET Denial of Service Vulnerability
Summary An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Any HTTP GET request not preceded by an ‘/’ will cause a segmentation fault in the web server. An attacker can send any of a multitude of...
Moxa AWK-3131A Web Application Cross-Site Request Forgery Vulnerability
Summary An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted form can trick a client into making an unintentional request to the web server which will be treated as an...
Moxa AWK-3131A Web Application Multiple Reflected Cross-Site Scripting Vulnerabilities
Summary An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Specially crafted input, in multiple parameters, can cause a malicious scripts to be executed by a victim. Tested Versions...
Moxa AWK-3131A Web Application asqc.asp Information Disclosure Vulnerability
Moxa AWK-3131A Web Application asqc.asp Information Disclosure Vulnerability Summary An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. Retrieving a specific URL without...
Moxa AWK-3131A Web Application onekey Information Disclosure Vulnerability
Summary An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to an attacker. Tested Versions Moxa...
Moxa AWK-3131A Web Application systemlog.log Information Disclosure Vulnerability
Summary An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1. Retrieving a specific URL without authentication can reveal sensitive information to an attacker. Tested Versions Moxa AWK-3131...
Moxa AWK-3131A web_runScript Header Manipulation Denial of Service Vulnerability
Summary An exploitable null pointer dereference vulnerability exists in the Web Application /forms/webrunScript iwfilename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. An HTTP POST request with a blank line in the header will cause a segmentation fault in the web...
Moxa AWK-3131A serviceAgent Information Disclosure Vulnerability
Summary An exploitable information disclosure vulnerability exists in the serviceAgent functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted TCP query will allow an attacker to retrieve potentially sensitive information. Tested Versions Moxa AWK-3131A...
Moxa AWK-3131A Web Application Cleartext Transmission of Password Vulnerability
Summary An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of...
Moxa AWK-3131A Web Application bkpath HTTP Header Injection Vulnerability
Summary An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted HTTP request can inject a payload in the bkpath parameter which will be copied in to Location header of the...