Описание
An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted HTTP request can inject a payload in the bkpath parameter which will be copied in to Location header of the HTTP response.
Ссылки
- ExploitMitigationThird Party Advisory
- ExploitMitigationThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:moxa:awk-3131a_firmware:1.1:*:*:*:*:*:*:*
cpe:2.3:h:moxa:awk-3131a:-:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.0118
Низкий
3.1 Low
CVSS3
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-74
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted HTTP request can inject a payload in the bkpath parameter which will be copied in to Location header of the HTTP response.
EPSS
Процентиль: 78%
0.0118
Низкий
3.1 Low
CVSS3
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-74