75 matches found
Moxa SoftCMS Denial of Service Vulnerability
Moxa SoftCMS is a set of centralized management software for large-scale surveillance systems developed by Moxa. The software supports real-time video surveillance, video playback and event management. A denial of service vulnerability exists in Moxa SoftCMS versions prior to 1.6. Due to a double...
Moxa SoftCMS SQL Injection Vulnerability
Moxa SoftCMS is a set of centralized management software for large-scale surveillance systems developed by Moxa. The software supports real-time video surveillance, video playback and event management. A SQL injection vulnerability exists in Moxa SoftCMS versions prior to 1.6. An attacker can...
Moxa SoftCMS 1.5 - Denial of Service (PoC)
Moxa SoftCMS 1.5 - Denial of Service PoC ''' Title: Moxa SoftCMS 1.5 AspWebServer Denial of Service Vulnerability Author: Zhou Yu Email: [email protected] Vendor: http://www.moxa.com/ Versions affected: 1.5 or prior versions Test on: Moxa SoftCMS 1.5 on Windows 7 SP1 x32 CVE: CVE-2016-9332 Advisor...
Moxa SoftCMS 1.5 - Denial of Service (PoC) Exploit
Exploit for windows platform in category dos / poc ''' Title: Moxa SoftCMS 1.5 AspWebServer Denial of Service Vulnerability Author: Zhou Yu Email: email protected Vendor: http://www.moxa.com/ Versions affected: 1.5 or prior versions Test on: Moxa SoftCMS 1.5 on Windows 7 SP1 x32 CVE: CVE-2016-933...
Moxa SoftCMS 1.5 - Denial of Service (PoC)
''' Title: Moxa SoftCMS 1.5 AspWebServer Denial of Service Vulnerability Author: Zhou Yu Email: [email protected] Vendor: http://www.moxa.com/ Versions affected: 1.5 or prior versions Test on: Moxa SoftCMS 1.5 on Windows 7 SP1 x32 CVE: CVE-2016-9332 Advisory:...
Moxa SoftCMS CGI Program SQL Injection (CVE-2016-5792)
A SQL injection vulnerability has been reported in Moxa SoftCMS. The vulnerability is due to insufficient input validation on user supplied input. A remote attacker can exploit this vulnerability by providing a crafted input to the product. Successful exploitation would allow the attacker to...
Login Authentication Bypass Vulnerability in SoftCMS System
SoftCMS is a large-scale video surveillance management system from Moxa Moxa Technology. A security bypass vulnerability exists in SoftCMS version 1.5 in the password input field of the user login page, which can be exploited by attackers to bypass user authentication and login the system...
Moxa SoftCMS Vulnerabilities
OVERVIEW Zhou Yu working with Trend Micro’s Zero Day Initiative and Gu Ziqiang from Huawei Weiran Labs have identified vulnerabilities in Moxa’s SoftCMS Webserver Application. Moxa has produced an update to mitigate these vulnerabilities. Both researchers have tested the update to validate that i...
Moxa SoftCMS getcaminfo SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa SoftCMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getcaminfo.asp script. When parsing the VWID element, the process fails to properly...
CVE-2016-5792
SQL injection vulnerability in Moxa SoftCMS before 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified fields...
CVE-2016-5792
SQL injection vulnerability in Moxa SoftCMS before 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified fields...
Sql injection
SQL injection vulnerability in Moxa SoftCMS before 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified fields...
CVE-2016-5792
SQL injection vulnerability in Moxa SoftCMS before 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified fields...
CVE-2016-5792
Moxa SoftCMS SQL Injection (CVE-2016-5792) affects SoftCMS versions before 1.5. The vulnerability stems from improper input validation, allowing remote attackers to craft inputs that execute arbitrary SQL commands via unspecified fields (getcaminfo.asp is cited by ZDI as a risk vector). Impact de...
Moxa SoftCMS SQL Injection Vulnerability
Moxa SoftCMS is a centralized management software for type monitoring systems. Moxa SoftCMS suffers from a SQL injection vulnerability that could be exploited by remote attackers to submit specially crafted SQL queries to manipulate or obtain database data...
Moxa SoftCMS SQL Injection Vulnerability
OVERVIEW Zhou Yu of Acorn Network Security has identified a SQL injection vulnerability in Moxa's SoftCMS. ZDI reported this vulnerability to ICS-CERT. Moxa has produced an update to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Moxa reports that t...
Moxa SoftCMS VLCPlugin ActiveX Control setUserInfoData strUserName Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa SoftCMS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing of the...
Moxa SoftCMS IPCam.IPCam_Video_Render_Plugin.1 IVLCControl setConfigPath Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa SoftCMS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setConfigPath...
Moxa SoftCMS VLCControl setUserInfoData strIP Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa SoftCMS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing of the...
Moxa SoftCMS RTSPVIDEO.rtspvideoCtrl.1 Open3 Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa SoftCMS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Open3 method of...