Vulnerability Spotlight: Moxa AWK-3131A Multiple Features Login Username Parameter OS Command Injection Vulnerability
This vulnerability is discovered by Patrick DeSantis and Dave McDaniel of Cisco Talos
Today, Talos is disclosing TALOS-2017-0507 (CVE-2017-14459), a vulnerability that has been identified in Moxa AWK-3131A industrial wireless access point.
The Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client is a wireless networking appliance intended for use in industrial environments. The manufacturer specifically highlights automated materials handling and automated guided vehicles as target markets.
An exploitable OS Command Injection vulnerability exists in the Telnet login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 and newer. An attacker can inject commands via the username parameter, resulting in remote, unauthenticated, root-level operating system command execution.