Moxa

Awk-3131a Firmware

28 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2019-5137

Exploit
  • EPSS 0.48%
  • Veröffentlicht 25.02.2020 16:15:10
  • Zuletzt bearbeitet 21.11.2024 04:44:25

The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13.

9

CVE-2019-5136

Exploit
  • EPSS 0.52%
  • Veröffentlicht 25.02.2020 16:15:10
  • Zuletzt bearbeitet 21.11.2024 04:44:25

An exploitable privilege escalation vulnerability exists in the iw_console functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted menu selection string can cause an escape from the restricted console, resulting in system acces...

10

CVE-2017-14459

  • EPSS 19.8%
  • Veröffentlicht 11.04.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:12:50

An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 to 1.7 (current). An attacker can inject c...

10

CVE-2016-8717

  • EPSS 0.35%
  • Veröffentlicht 02.04.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 02:59:55

An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged (root) account with hard-coded credentials, giving at...

9.1

CVE-2016-8721

Exploit
  • EPSS 1%
  • Veröffentlicht 20.04.2017 18:59:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in comple...

7.5

CVE-2016-8727

Exploit
  • EPSS 0.5%
  • Veröffentlicht 13.04.2017 19:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to a...

7.8

CVE-2016-8726

Exploit
  • EPSS 0.45%
  • Veröffentlicht 13.04.2017 19:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An exploitable null pointer dereference vulnerability exists in the Web Application /forms/web_runScript iw_filename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. An HTTP POST request with a blank line in the header will...

5.3

CVE-2016-8725

Exploit
  • EPSS 0.37%
  • Veröffentlicht 13.04.2017 19:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1. Retrieving a specific URL without authentication can reveal sensitive information to an ...

5.3

CVE-2016-8724

Exploit
  • EPSS 3.21%
  • Veröffentlicht 13.04.2017 19:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An exploitable information disclosure vulnerability exists in the serviceAgent functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted TCP query will allow an attacker to retrieve potentially sensitive informat...

7.8

CVE-2016-8723

Exploit
  • EPSS 0.45%
  • Veröffentlicht 13.04.2017 19:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Any HTTP GET request not preceded by an '/' will cause a segmentation fault in the web server. An attack...