XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file disclosure.
References
Link | Resource |
---|---|
http://hyp3rlinx.altervista.org/advisories/MOXA-MX-AOPC-SERVER-v1.5-XML-EXTERNAL-ENTITY.txt | Exploit Third Party Advisory |
http://seclists.org/fulldisclosure/2017/Apr/51 | Third Party Advisory VDB Entry |
https://www.exploit-db.com/exploits/41852/ | |
http://hyp3rlinx.altervista.org/advisories/MOXA-MX-AOPC-SERVER-v1.5-XML-EXTERNAL-ENTITY.txt | Exploit Third Party Advisory |
http://seclists.org/fulldisclosure/2017/Apr/51 | Third Party Advisory VDB Entry |
https://www.exploit-db.com/exploits/41852/ |
Configurations
History
21 Nov 2024, 03:31
Type | Values Removed | Values Added |
---|---|---|
References | () http://hyp3rlinx.altervista.org/advisories/MOXA-MX-AOPC-SERVER-v1.5-XML-EXTERNAL-ENTITY.txt - Exploit, Third Party Advisory | |
References | () http://seclists.org/fulldisclosure/2017/Apr/51 - Third Party Advisory, VDB Entry | |
References | () https://www.exploit-db.com/exploits/41852/ - |
Information
Published : 2017-04-14 14:59
Updated : 2024-11-21 03:31
NVD link : CVE-2017-7457
Mitre link : CVE-2017-7457
CVE.ORG link : CVE-2017-7457
JSON object : View
Products Affected
moxa
- mx-aopc_server
CWE
CWE-611
Improper Restriction of XML External Entity Reference