CyberSec.Space Logo
Back to CVE Browser

CVE-2016-8721

CRITICAL
9.1
CVSS Severity Score
EPSS Score0.0390%
EPSS Percentile31.00th
PublishedApr 20, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device. An attacker can exploit this vulnerability remotely.

Affected Platforms (CPE)

💻
Moxa

Awk 3131a Firmware

= 1.1

References & Advisories

🔗 http://www.talosintelligence.com/reports/TALOS-2016-0235/
🔗 http://www.talosintelligence.com/reports/TALOS-2016-0235/

Related Vulnerabilities

CVE-2017-1445910.0

An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Ind...

CVE-2019-51389.9

An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware ...

CVE-2016-87179.8

An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1...

CVE-2019-51368.8

An exploitable privilege escalation vulnerability exists in the iw_console functionality of the Moxa AWK-3131A firmware version 1....