3 matches found
Moxa EDR-810 Web Server OpenVPN Config Command Injection (CVE-2017-14434)
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the remoteNetmask0= parameter in the...
Moxa EDR-810 Web Server OpenVPN Config Multiple Command Injection Vulnerabilities(CVE-2017-14432 - CVE-2017-14434)
Summary An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into various paramaters in the...
Moxa EDR-810 Web Server OpenVPN Config Multiple Command Injection Vulnerabilities
Summary An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into various paramaters in the...