CVE-2016-8721: Command Injection
First published: Thu Apr 20 2017(Updated: )
An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device. An attacker can exploit this vulnerability remotely.
Credit: talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Moxa AWK-3131A firmware | =1.1 | |
| Moxa Awk-1131A |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-8721?
CVE-2016-8721 is classified as a high severity vulnerability due to the potential for complete device compromise.
How do I fix CVE-2016-8721?
To fix CVE-2016-8721, it is recommended to upgrade the firmware of the Moxa AWK-3131A to a version that addresses this vulnerability.
What type of vulnerability is CVE-2016-8721?
CVE-2016-8721 is an OS Command Injection vulnerability found in the web application ping functionality.
What devices are affected by CVE-2016-8721?
CVE-2016-8721 affects Moxa AWK-3131A Wireless Access Points running firmware version 1.1.
How can CVE-2016-8721 be exploited?
CVE-2016-8721 can be exploited through specially crafted input in a web form that triggers OS command execution.
- agent/weakness
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/references
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/moxa
- canonical/moxa awk-3131a firmware
- version/moxa awk-3131a firmware/1.1
- canonical/moxa awk-1131a