An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device. An attacker can exploit this vulnerability remotely.
References
Link | Resource |
---|---|
http://www.talosintelligence.com/reports/TALOS-2016-0235/ | Exploit Technical Description Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2017-04-20 18:59
Updated : 2024-02-28 15:44
NVD link : CVE-2016-8721
Mitre link : CVE-2016-8721
CVE.ORG link : CVE-2016-8721
JSON object : View
Products Affected
moxa
- awk-3131a
- awk-3131a_firmware
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')