CVE-2019-5143— Moxa AWK-3131A 格式化字符串错误漏洞

N/A

An exploitable format string vulnerability exists in the iw_console conio_writestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

N/A

未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)

Moxa AWK-3131A 格式化字符串错误漏洞

MOXA AWK-3131A是中国台湾摩莎（MOXA）公司的一款工业级无线访问接入点。 Moxa AWK-3131A 存在格式化字符串错误漏洞，该漏洞源于该功能没有正确检查边界。攻击者可借助制的时间服务器条目利用该漏洞导致时间服务器缓冲区溢出，从而执行代码。

N/A

N/A