An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An attacker can send diagnostic while authenticated as a low privilege user to trigger this vulnerability.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HMoxa Awk 3131a
HWMoxawszystkie wersjeMoxa Awk 3131a Firmware
OSMoxa1.13
Powiązane podatności
An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality o...
An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point ...
An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa A...
An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-52...
An exploitable privilege escalation vulnerability exists in the iw_console functionality of the Moxa AWK-3131A...