← voltar
CVE-2019-5162

CVE-2019-5162

CVSS 9.9 CRITICALEPSS 2.7%CWE-284
Vexday Risk Score
28Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 9.9EPSS 2.7%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
25 fev 2020Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
An exploitable improper access control vulnerability exists in the iw_webs account settings functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as that user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Produtos afetados
n/a · Moxa

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0955