2 matches found
Moxa AWK-3121 Improper Neutralization of Special Elements Used in a Command (CVE-2018-10697)
An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides ping functionality so that an administrator can execute ICMP calls to check if the network is working correctly. However, the same functionality allows an attacker to execute commands on the device. The POST paramet...
CVE-2018-10697
The CVE-2018-10697 entry affects Moxa AWK-3121 (firmware 1.14). The vulnerability is a command injection in the POST parameter srvName exposed via the device’s ping functionality, allowing an attacker to craft input with shell metacharacters and execute commands on the device. Reported as impacti...