CVEs-PoC/2016/CVE-2016-8723.md

### [CVE-2016-8723](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8723)
![](https://img.shields.io/static/v1?label=Product&message=AWK-3131A%20Series%20Industrial%20IEEE%20802.11a%2Fb%2Fg%2Fn%20wireless%20AP%2Fbridge%2Fclient&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=1.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brightgreen)

### Description

An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Any HTTP GET request not preceded by an '/' will cause a segmentation fault in the web server. An attacker can send any of a multitude of potentially unexpected HTTP get requests to trigger this vulnerability.

### POC

#### Reference
- http://www.talosintelligence.com/reports/TALOS-2016-0237/

#### Github
- https://github.com/Live-Hack-CVE/CVE-2016-8723