43 matches found
Moxa EDR-810 Command Injection Vulnerability (CNVD-2018-11723)
The EDR-810 is a highly integrated industrial multi-port security router with firewall/NAT/VPN and two-layer manageable switch functionality. A command injection vulnerability exists in the Web server functionality of the Moxa EDR-810 V4.1 build 17030317. The vulnerability can be exploited to...
CVE-2017-14432
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the openvpnServer0tmp= parameter in the...
DEBIAN-CVE-2015-8735
The getvalue function in epan/dissectors/packet-btatt.c in the Bluetooth Attribute aka BT ATT dissector in Wireshark 2.0.x before 2.0.1 uses an incorrect integer data type, which allows remote attackers to cause a denial of service invalid write operation and application crash via a crafted packe...