2 matches found
CVE-2019-5165
An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device hostname can cause the device to interpret select remote traffic as local traffic, resulting in a bypass of web authentication. An attack...
CVE-2019-5165
CVE-2019-5165 affects the Moxa AWK-3131A (firmware 1.13). Authentication bypass is caused by hostname processing that lets an attacker send authenticated SNMP requests to trigger a web-auth bypass, effectively treating remote traffic as local. Talos reports an 8.0 CVSSv3 (CR: C/H, PR: H, UI: N, S...