CyberSec.Space Logo
返回 CVE 浏览器

CVE-2019-5136

HIGH
8.8
CVSS Severity Score
EPSS Score0.0940%
EPSS Percentile4.76th
Published2020年2月25日
Last Modified2024年11月21日

Vulnerability Description

An exploitable privilege escalation vulnerability exists in the iw_console functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted menu selection string can cause an escape from the restricted console, resulting in system access as the root user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

Affected Platforms (CPE)

💻
Moxa

Awk 3131a Firmware

= 1.13

References & Advisories

🔗 https://talosintelligence.com/vulnerability_reports/TALOS-2019-0925
🔗 https://talosintelligence.com/vulnerability_reports/TALOS-2019-0925

相关漏洞威胁

CVE-2017-1445910.0

An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Ind...

CVE-2019-51389.9

An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware ...

CVE-2016-87179.8

An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1...

CVE-2016-87219.1

An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Ac...

CVE-2019-5136 Detail & Impact Analysis | CVSS 8.8 (HIGH) | Cyber-Sec.Space | Cyber-Sec.Space