Описание
An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device hostname can cause the device to interpret select remote traffic as local traffic, resulting in a bypass of web authentication. An attacker can send authenticated SNMP requests to trigger this vulnerability.
Ссылки
- ExploitTechnical DescriptionThird Party Advisory
- ExploitTechnical DescriptionThird Party Advisory
Уязвимые конфигурации
Одновременно
EPSS
8 High
CVSS3
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
Связанные уязвимости
An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device hostname can cause the device to interpret select remote traffic as local traffic, resulting in a bypass of web authentication. An attacker can send authenticated SNMP requests to trigger this vulnerability.
Уязвимость микропрограммного обеспечения беспроводной точки доступа для промышленных систем Moxa AWK-3131A, связанная с ошибками обработки имени хоста, позволяющая нарушителю повысить свои привилегии
EPSS
8 High
CVSS3
7.2 High
CVSS3
6.5 Medium
CVSS2