Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
awk-3121_firmware vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-10690
An issue exists on Moxa AWK-3121 1.14 devices. The device by default allows HTTP traffic thus providing an insecure communication mechanism for a user connecting to the web server. This allows an malicious user to sniff the traffic easily and allows an malicious user to compromis...
Moxa Awk-3121 Firmware 1.14
445
VMScore
CVE-2018-10691
An issue exists on Moxa AWK-3121 1.14 devices. It is intended that an administrator can download /systemlog.log (the system log). However, the same functionality allows an malicious user to download the file without any authentication or authorization.
Moxa Awk-3121 Firmware 1.14
383
VMScore
CVE-2018-10692
An issue exists on Moxa AWK-3121 1.14 devices. The session cookie "Password508" does not have an HttpOnly flag. This allows an attacker who is able to execute a cross-site scripting attack to steal the cookie very easily.
Moxa Awk-3121 Firmware 1.14
383
VMScore
CVE-2018-10694
An issue exists on Moxa AWK-3121 1.14 devices. The device provides a Wi-Fi connection that is open and does not use any encryption mechanism by default. An administrator who uses the open wireless connection to set up the device can allow an malicious user to sniff the traffic pa...
Moxa Awk-3121 Firmware 1.14
605
VMScore
CVE-2018-10695
An issue exists on Moxa AWK-3121 1.14 devices. It provides alert functionality so that an administrator can send emails to his/her account when there are changes to the device's network. However, the same functionality allows an malicious user to execute commands on the devi...
Moxa Awk-3121 Firmware 1.14
828
VMScore
CVE-2018-10697
An issue exists on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides ping functionality so that an administrator can execute ICMP calls to check if the network is working correctly. However, the same functionality allows an malicious user to execute commands on the device. T...
Moxa Awk-3121 Firmware 1.14
383
VMScore
CVE-2018-10700
An issue exists on Moxa AWK-3121 1.19 devices. It provides functionality so that an administrator can change the name of the device. However, the same functionality allows an malicious user to execute XSS by injecting an XSS payload. The POST parameter "iw_board_deviceName&q...
Moxa Awk-3121 Firmware 1.19
605
VMScore
CVE-2018-10701
An issue exists on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality allows an malicious user to execute commands on the device. The POST parameter "iw_file...
Moxa Awk-3121 Firmware 1.14
605
VMScore
CVE-2018-10702
An issue exists on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality allows an malicious user to execute commands on the device. The POST parameter "iw_file...
Moxa Awk-3121 Firmware 1.14
605
VMScore
CVE-2018-10693
An issue exists on Moxa AWK-3121 1.14 devices. It provides ping functionality so that an administrator can execute ICMP calls to check if the network is working correctly. However, the same functionality allows an malicious user to execute commands on the device. The POST paramet...
Moxa Awk-3121 Firmware 1.14
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »