Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MoxaAwk-3131a Firmware

8 matches found

CVE
CVEadded 2020/02/25 4:15 p.m.68 views

CVE-2019-5137

The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13.

7.5CVSS7.5AI score0.00449EPSS
CVE
CVEadded 2020/02/25 4:15 p.m.58 views

CVE-2019-5148

An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can send this packet ...

7.5CVSS7.5AI score0.00474EPSS
CVE
CVEadded 2017/04/13 7:59 p.m.52 views

CVE-2016-8723

An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Any HTTP GET request not preceded by an '/' will cause a segmentation fault in the web server. An attacker can send any of a multitude of potentially une...

7.8CVSS7.4AI score0.00447EPSS
CVE
CVEadded 2020/02/25 4:15 p.m.52 views

CVE-2019-5139

An exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities of the Moxa AWK-3131A firmware version 1.13. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts.

7.1CVSS6.9AI score0.00122EPSS
CVE
CVEadded 2017/04/12 7:59 p.m.49 views

CVE-2016-8719

An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Specially crafted input, in multiple parameters, can cause a malicious scripts to be executed by a victim.

7.5CVSS6AI score0.00315EPSS
CVE
CVEadded 2017/04/12 7:59 p.m.48 views

CVE-2016-8716

An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepting...

7.5CVSS7.4AI score0.00179EPSS
CVE
CVEadded 2017/04/13 7:59 p.m.38 views

CVE-2016-8726

An exploitable null pointer dereference vulnerability exists in the Web Application /forms/web_runScript iw_filename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. An HTTP POST request with a blank line in the header will cause a segmentation fault in the web server.

7.8CVSS7.5AI score0.00447EPSS
CVE
CVEadded 2017/04/13 7:59 p.m.34 views

CVE-2016-8727

An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to an attacker.

7.5CVSS7.3AI score0.00496EPSS