Description
An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Series, TAP-6226 Series, AWK-3121/4121 Series, AWK-3131/4131 Series, and AWK-5222/6222 Series. User is able to execute arbitrary OS commands on the server.
References (2)
Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-16-308-01
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/94092
Scores
CVSS v3
10.0
EPSS
0.0029
EPSS Percentile
51.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Details
CWE
CWE-264
Status
published
Products (15)
moxa/awk-1121_firmware
< 06-29-2017
moxa/awk-1127_firmware
< 06-29-2017
moxa/awk-1131a_firmware
< 10-31-2016
moxa/awk-3121-m12-rtg_firmware
< 06-29-2017
moxa/awk-3131-m12-rcc_firmware
< 06-29-2017
moxa/awk-3131a_firmware
< 10-31-2016
moxa/awk-3191_firmware
< 05-30-2017
moxa/awk-4131a_firmware
< 10-31-2016
moxa/awk-5232-m12-rcc_firmware
< 06-29-2017
moxa/awk-5232_firmware
< 05-30-2017
... and 5 more
Published
Feb 13, 2017
Tracked Since
Feb 18, 2026