5 matches found
Moxa AWK-3121 Improper Neutralization of Special Elements Used in a Command (CVE-2018-10699)
An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides certfile upload functionality so that an administrator can upload a certificate file used for connecting to the wireless network. However, the same functionality allows an attacker to execute commands on the device...
CVE-2018-10699
An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides certfile upload functionality so that an administrator can upload a certificate file used for connecting to the wireless network. However, the same functionality allows an attacker to execute commands on the device...
CVE-2018-10699
An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides certfile upload functionality so that an administrator can upload a certificate file used for connecting to the wireless network. However, the same functionality allows an attacker to execute commands on the device...
Sql injection
An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides certfile upload functionality so that an administrator can upload a certificate file used for connecting to the wireless network. However, the same functionality allows an attacker to execute commands on the device...
CVE-2018-10699
CVE-2018-10699 affects Moxa AWK-3121, version 1.14. The vulnerability stems from the certfile upload functionality; the POST parameter iw_privatePass is susceptible to command injection. An attacker crafting input with shell metacharacters could execute arbitrary commands on the device, potential...