mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-08 06:06:44 +02:00
0xMarcio
974 B
974 B
CVE-2018-10690
Description
An issue was discovered on Moxa AWK-3121 1.14 devices. The device by default allows HTTP traffic thus providing an insecure communication mechanism for a user connecting to the web server. This allows an attacker to sniff the traffic easily and allows an attacker to compromise sensitive data such as credentials.
POC
Reference
- http://packetstormsecurity.com/files/153223/Moxa-AWK-3121-1.14-Information-Disclosure-Command-Execution.html
- https://github.com/samuelhuntley/Moxa_AWK_1121/blob/master/Moxa_AWK_1121