CVE-2016-8721 Vulnerability Details

  /     /     /  

CVE-2016-8721 Metadata Quick Info

CVE Published: 20/04/2017 | CVE Updated: 06/08/2024 | CVE Year: 2016
Source: talos | Vendor: Moxa | Product: Moxa AWK-3131A WAP
Status : PUBLISHED

---

CVE-2016-8721 Description

An exploitable OS Command Injection vulnerability exists in the web application \'ping\' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device. An attacker can exploit this vulnerability remotely.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: remote code execution
Source: Moxa

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).