2 matches found
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Moxa MGate 5105-MB-EIP firmware version 4.1. Authentication is required to exploit this vulnerability. The specific flaw exists within the DestIP parameter within MainPing.asp. The issue results from...
CVE-2020-8858
CVE-2020-8858 affects Moxa MGate 5105-MB-EIP with firmware 4.1. The DestIP parameter in MainPing.asp allows an attacker to inject and execute commands, due to lack of input validation, granting code execution as root after authentication. Documented by ZDI-20-214 and corroborated by multiple vend...