5 matches found
Moxa EDR-810 Web Server OpenVPN Config Command Injection (CVE-2017-14433)
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the remoteNetwork0= parameter in the...
CVE-2017-14433
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the remoteNetwork0= parameter in the...
CVE-2017-14433
CVE-2017-14433 affects Moxa EDR-810 web server (V4.1, build 17030317). A command-injection flaw in the Web interface allows OS commands to be injected via the remoteNetwork0 parameter in POST requests to /goform/net_Web_get_value, enabling privilege escalation to a root shell. TALOS reports the i...
Moxa EDR-810 Web Server OpenVPN Config Multiple Command Injection Vulnerabilities(CVE-2017-14432 - CVE-2017-14434)
Summary An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into various paramaters in the...
Moxa EDR-810 Web Server OpenVPN Config Multiple Command Injection Vulnerabilities
Summary An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into various paramaters in the...