Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.11 views

Moxa EDR-810 Web Server ping Command Injection (CVE-2017-12120)

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation, resulting in a root shell. An attacker can inject OS commands into the ip= parm in the...

9CVSS8.1AI score0.04328EPSS
Exploits4References2
Prion
Prion
added 2018/12/06 11:29 p.m.20 views

Command injection

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build18082311. A specially crafted HTTP POST request to /goform/netWebPingGetValue can result in running OS commands as the root user. This is...

9CVSS8.5AI score0.04328EPSS
Exploits5References2Affected Software1
OSV
OSV
added 2018/05/14 8:29 p.m.5 views

CVE-2017-12120

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation, resulting in a root shell. An attacker can inject OS commands into the ip= parm in the...

8.8CVSS5.9AI score0.04328EPSS
Exploits4References1
CVE
CVE
added 2018/05/14 8:0 p.m.68 views

CVE-2017-12120

CVE-2017-12120 affects Moxa EDR-810 Web Ping functionality in firmware build 17030317. A crafted HTTP POST to /goform/net_WebPingGetValue allows OS command injection via the ip= parameter, enabling privilege escalation to a root shell. Affected product is the Moxa EDR-810; impact includes potenti...

9CVSS8.7AI score0.04328EPSS
Exploits4References1Affected Software1
seebug.org
seebug.org
added 2018/04/16 12:0 a.m.54 views

Moxa EDR-810 Web Server ping Command Injection Vulnerability(CVE-2017-12120)

Summary An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation, resulting in a root shell. An attacker can inject OS commands into the ip= parm in the...

9CVSS0.4AI score0.04328EPSS
Exploits4
Rows per page
Query Builder