Awk-3131a Security Vulnerabilities and Issues — Awk-3131a CVE List

Lucene search

MoxaAwk-3131a

7 matches found

CVE•added 2020/02/25 4:15 p.m.•72 views

CVE-2019-5136

An exploitable privilege escalation vulnerability exists in the iw_console functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted menu selection string can cause an escape from the restricted console, resulting in system access as the root user. An attacker can send commands...

9CVSS8.7AI score0.00638EPSS

CVE•added 2020/02/25 4:15 p.m.•65 views

CVE-2019-5138

An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An attacker ca...

9.9CVSS9.5AI score0.03721EPSS

CVE•added 2020/02/25 4:15 p.m.•63 views

CVE-2019-5142

An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can ...

9CVSS7.1AI score0.02051EPSS

CVE•added 2020/02/25 4:15 p.m.•63 views

CVE-2019-5153

An exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause an overflow of an error message buffer, resulting in remote code execution. An attacker can send co...

9.9CVSS9.1AI score0.02946EPSS

CVE•added 2020/02/25 4:15 p.m.•62 views

CVE-2019-5162

An exploitable improper access control vulnerability exists in the iw_webs account settings functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as ...

9.9CVSS8.6AI score0.00638EPSS

CVE•added 2020/11/05 9:15 p.m.•53 views

CVE-2020-13537

An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary.By default MXViewService, which starts as a NT SYSTEM authority user...

9.3CVSS7.5AI score0.00032EPSS

CVE•added 2020/11/05 9:15 p.m.•51 views

CVE-2020-13536

An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary. By default MXViewService, which starts as a NT SYSTEM authority use...

9.3CVSS7.5AI score0.00032EPSS