Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An attacker can send diagnostic while authenticated as a low privilege user to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Moxa AWK-3131A 操作系统命令注入漏洞
Vulnerability Description
MOXA AWK-3131A是中国台湾摩莎(MOXA)公司的一款工业级无线访问接入点。 Moxa AWK-3131A存在操作系统命令注入漏洞。攻击者可借助特制的诊断脚本文件利用该漏洞执行任意的busybox命令,控制设备。
CVSS Information
N/A
Vulnerability Type
N/A