Moxa Awk-3131a_firmware
28 CVEs affecting Moxa Awk-3131a_firmware. Latest disclosed: 2020-02-25. Critical: 5, High: 17.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-14459 | Critical | 10.0 | 2018-04-11 | An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wi… |
CVE-2016-8363 | Critical | 10.0 | 2017-02-13 | An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2… |
CVE-2019-5138 | Critical | 9.9 | 2020-02-25 | An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially cra… |
CVE-2016-8717 | Critical | 9.8 | 2018-04-02 | An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system… |
CVE-2016-8721 | Critical | 9.1 | 2017-04-20 | An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware… |
CVE-2019-5162 | High | 8.8 | 2020-02-25 | An exploitable improper access control vulnerability exists in the iw_webs account settings functionality of the Moxa AWK-3131A firmware version 1.13. A specia… |
CVE-2019-5153 | High | 8.8 | 2020-02-25 | An exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality of the Moxa AWK-3131A firmware version 1.13. A spe… |
CVE-2019-5143 | High | 8.8 | 2020-02-25 | An exploitable format string vulnerability exists in the iw_console conio_writestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially craft… |
CVE-2019-5141 | High | 8.8 | 2020-02-25 | An exploitable command injection vulnerability exists in the iw_webs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted iw_serverip… |
CVE-2019-5140 | High | 8.8 | 2020-02-25 | An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic s… |
CVE-2019-5136 | High | 8.8 | 2020-02-25 | An exploitable privilege escalation vulnerability exists in the iw_console functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted menu… |
CVE-2016-8718 | High | 8.8 | 2017-04-12 | An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1… |
CVE-2016-8712 | High | 8.1 | 2017-04-13 | An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one no… |
CVE-2019-5148 | High | 7.5 | 2020-02-25 | An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet ca… |
CVE-2019-5137 | High | 7.5 | 2020-02-25 | The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa… |
CVE-2016-8727 | High | 7.5 | 2017-04-13 | An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of… |
CVE-2016-8726 | High | 7.5 | 2017-04-13 | An exploitable null pointer dereference vulnerability exists in the Web Application /forms/web_runScript iw_filename functionality of Moxa AWK-3131A Wireless A… |
CVE-2016-8723 | High | 7.5 | 2017-04-13 | An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Any HTTP GET… |
CVE-2016-8716 | High | 7.5 | 2017-04-12 | An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running fir… |
CVE-2019-5165 | High | 7.2 | 2020-02-25 | An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device… |