Описание
An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send various authenticated requests to trigger this vulnerability.
Ссылки
- ExploitTechnical DescriptionThird Party Advisory
- ExploitTechnical DescriptionThird Party Advisory
Уязвимые конфигурации
Одновременно
EPSS
7.2 High
CVSS3
7.2 High
CVSS3
9 Critical
CVSS2
Дефекты
Связанные уязвимости
An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send various authenticated requests to trigger this vulnerability.
Уязвимость микропрограммного обеспечения беспроводной точки доступа для промышленных систем Moxa AWK-3131A, связанная с ошибками при внесении изменений в «Device Name» (имя хоста), позволяющая нарушителю получить полный контроль над устройством
EPSS
7.2 High
CVSS3
7.2 High
CVSS3
9 Critical
CVSS2