Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.14 views

Moxa NPort W2x50A Authenticated OS Command Injection in Web Server Ping Functionality (CVE-2018-19659)

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build18082311. A specially crafted HTTP POST request to /goform/netWebPingGetValue can result in running OS commands as the root user. This is...

9CVSS7.8AI score0.0427EPSS
Exploits3References3
Cvelist
Cvelist
added 2018/12/06 11:0 p.m.30 views

CVE-2018-19659

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build18082311. A specially crafted HTTP POST request to /goform/netWebPingGetValue can result in running OS commands as the root user. This is...

8.7AI score0.0427EPSS
Exploits3References2
CVE
CVE
added 2018/12/06 11:0 p.m.41 views

CVE-2018-19659

CVE-2018-19659 affects Moxa NPort W2x50A series where firmware prior to 2.2 Build_18082311 exposes an authenticated OS command injection in the web server ping function. A crafted HTTP POST to /goform/net_WebPingGetValue allows running OS commands as root, with authentication required. Impact is ...

9CVSS8.5AI score0.0427EPSS
Exploits3References2Affected Software1
0day.today
0day.today
added 2018/12/01 12:0 a.m.65 views

Moxa NPort W2x50A 2.1 OS Command Injection Vulnerability

Moxa NPort W2x50A products with firmware version 2.1 Build17112017 or lower are vulnerable to several authenticated OS command injection vulnerabilities. Moxa NPort W2x50A products with firmware version 2.1 Build17112017 or lower are vulnerable to several authenticated OS Command Injection...

9CVSS0.30868EPSS
Exploits6
Packet Storm
Packet Storm
added 2018/11/29 12:0 a.m.54 views

Moxa NPort W2x50A 2.1 OS Command Injection

Moxa NPort W2x50A products with firmware version 2.1 Build17112017 or lower are vulnerable to several authenticated OS Command Injection vulnerabilities: 1 Authenticated OS Command Injection in web server ping functionality Reserverd CVE ID: CVE-2018-19659 A specially crafted HTTP POST request to...

9CVSS8.7AI score0.30868EPSS
Exploits6
Rows per page
Query Builder