Lucene search
K

7 matches found

NVD
NVD
added 2022/02/08 11:15 a.m.20 views

CVE-2022-21799

Cross-site scripting vulnerability in ELECOM LAN router WRC-300FEBK-R firmware v1.13 and earlier allows an attacker on the adjacent network to inject an arbitrary script via unspecified vectors...

5.2CVSS0.00353EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/02/08 10:30 a.m.27 views

CVE-2022-21799

Cross-site scripting vulnerability in ELECOM LAN router WRC-300FEBK-R firmware v1.13 and earlier allows an attacker on the adjacent network to inject an arbitrary script via unspecified vectors...

6.1AI score0.00353EPSS
Exploits0References2
Prion
Prion
added 2020/02/25 4:15 p.m.22 views

Command injection

An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file name can cause user input to be reflected in a subsequent iwsystem call, resulting in remote control over the device. An attack...

6.5CVSS8.8AI score0.02911EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/02/25 4:15 p.m.15 views

Command injection

An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted iwserverip parameter can cause user input to be reflected in a subsequent iwsystem call, resulting in remote control over the device. An attacker can...

6.5CVSS8.8AI score0.05136EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/02/25 4:15 p.m.32 views

Command injection

An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker ca...

9CVSS7.2AI score0.06892EPSS
Exploits1References1Affected Software1
Talos
Talos
added 2020/02/24 12:0 a.m.57 views

Moxa AWK-3131A iw_webs Account Settings Improper Access Control Vulnerability

Summary An exploitable improper access control vulnerability exists in the iwwebs account settings functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the...

9.9CVSS9.1AI score0.02695EPSS
Exploits1
Talos
Talos
added 2020/02/24 12:0 a.m.60 views

Moxa AWK-3131A iw_webs hostname Authentication Bypass Vulnerability

Summary An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device hostname can cause the device to interpret select remote traffic as local traffic, resulting in a bypass of web authentication. A...

8CVSS7.7AI score0.02233EPSS
Exploits1
Rows per page
Query Builder