CVE-2016-8721

An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device. An attacker can exploit this vulnerability remotely.
References
Link Resource
http://www.talosintelligence.com/reports/TALOS-2016-0235/ Exploit Technical Description Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:moxa:awk-3131a_firmware:1.1:*:*:*:*:*:*:*
cpe:2.3:h:moxa:awk-3131a:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-04-20 18:59

Updated : 2024-02-28 15:44


NVD link : CVE-2016-8721

Mitre link : CVE-2016-8721

CVE.ORG link : CVE-2016-8721


JSON object : View

Products Affected

moxa

  • awk-3131a
  • awk-3131a_firmware
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')