PT-2021-7480 · Moxa · Awk-1137C+6

Published: 2021-12-30 · Updated: 2021-12-30 · CVE-2021-37752

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Moxa OnCell G3150A-LTE (affected versions not specified)
Moxa OnCell G3470A-LTE (affected versions not specified)
Moxa WDR-3124A (affected versions not specified)
Moxa AWK-3131A (affected versions not specified)
Moxa AWK-4131A (affected versions not specified)
Moxa AWK-1131A (affected versions not specified)
Moxa AWK-1137C (affected versions not specified)

Description

The issue is related to a lack of data sanitization on the management level in the web interface of certain Moxa industrial LTE modems and wireless access points. This could allow a remote attacker to execute arbitrary commands.

Recommendations

For Moxa OnCell G3150A-LTE, consider restricting access to the web interface until a fix is available.
For Moxa OnCell G3470A-LTE, restrict access to the web interface until a fix is available.
For Moxa WDR-3124A, restrict access to the web interface until a fix is available.
For Moxa AWK-3131A, restrict access to the web interface until a fix is available.
For Moxa AWK-4131A, restrict access to the web interface until a fix is available.
For Moxa AWK-1131A, restrict access to the web interface until a fix is available.
For Moxa AWK-1137C, restrict access to the web interface until a fix is available.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Command Injection


Weakness Enumeration

Related Identifiers

BDU:2022-06729
CVE-2021-37752

Affected Products

Awk-1131A
Awk-1137C
Awk-3131A
Awk-4131A
Oncell G3150A-Lte
Oncell G3470A-Lte
Wdr-3124A