PT-2017-9765 · Moxa · Moxa Awk-3131A Wireless Access Point
Published
2017-04-13
·
Updated
2022-12-13
·
CVE-2016-8723
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Moxa AWK-3131A Wireless Access Point version 1.1
Description
A null pointer dereference issue exists in the Web Application functionality. Sending an HTTP GET request without a preceding '/' can cause a segmentation fault in the web server. An attacker can exploit this by sending unexpected HTTP GET requests.
Recommendations
For Moxa AWK-3131A Wireless Access Point version 1.1, as a temporary workaround, consider restricting access to the web server or avoiding HTTP GET requests without a preceding '/' until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Moxa Awk-3131A Wireless Access Point