Lucene search

K
MoxaAwk-3121 Firmware

9 matches found

CVE
CVE
added 2019/06/07 8:29 p.m.169 views

CVE-2018-10699

An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides certfile upload functionality so that an administrator can upload a certificate file used for connecting to the wireless network. However, the same functionality allows an attacker to execute commands on the device. T...

8.8CVSS9AI score0.00553EPSS
CVE
CVE
added 2019/06/07 8:29 p.m.160 views

CVE-2018-10695

An issue was discovered on Moxa AWK-3121 1.14 devices. It provides alert functionality so that an administrator can send emails to his/her account when there are changes to the device's network. However, the same functionality allows an attacker to execute commands on the device. The POST parameter...

8.8CVSS8.9AI score0.00607EPSS
CVE
CVE
added 2019/06/07 8:29 p.m.158 views

CVE-2018-10694

An issue was discovered on Moxa AWK-3121 1.14 devices. The device provides a Wi-Fi connection that is open and does not use any encryption mechanism by default. An administrator who uses the open wireless connection to set up the device can allow an attacker to sniff the traffic passing between the...

8.1CVSS7.9AI score0.00163EPSS
CVE
CVE
added 2019/06/07 8:29 p.m.155 views

CVE-2018-10696

An issue was discovered on Moxa AWK-3121 1.14 devices. The device provides a web interface to allow an administrator to manage the device. However, this interface is not protected against CSRF attacks, which allows an attacker to trick an administrator into executing actions without his/her knowled...

8.8CVSS8.5AI score0.00254EPSS
CVE
CVE
added 2019/06/07 8:29 p.m.148 views

CVE-2018-10690

An issue was discovered on Moxa AWK-3121 1.14 devices. The device by default allows HTTP traffic thus providing an insecure communication mechanism for a user connecting to the web server. This allows an attacker to sniff the traffic easily and allows an attacker to compromise sensitive data such a...

8.1CVSS7.9AI score0.00264EPSS
CVE
CVE
added 2019/06/07 8:29 p.m.148 views

CVE-2018-10701

An issue was discovered on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "iw_filename" is susceptible t...

8.8CVSS8.9AI score0.00706EPSS
CVE
CVE
added 2019/06/07 8:29 p.m.147 views

CVE-2018-10693

An issue was discovered on Moxa AWK-3121 1.14 devices. It provides ping functionality so that an administrator can execute ICMP calls to check if the network is working correctly. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "srvName" is s...

8.8CVSS8.9AI score0.00693EPSS
CVE
CVE
added 2019/06/07 8:29 p.m.144 views

CVE-2018-10702

An issue was discovered on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "iw_filename" is susceptible t...

8.8CVSS9AI score0.02404EPSS
CVE
CVE
added 2019/06/07 8:29 p.m.114 views

CVE-2018-10703

An issue was discovered on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "iw_serverip" is susceptible t...

8.8CVSS8.9AI score0.00693EPSS