CVE-2016-8719 — Cross-site Scripting in Awk-3131a Series Industrial Ieee 802.11a B G N Wireless AP Bridge Client

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

6.1MEDIUMNVD

EPSS

0.3%

top 45.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Moxa Awk-3131a Series Industrial Ieee 802.11a B G N Wireless AP Bridge Client Moxa Awk-3131a Firmware

Timeline

PublishedApr 12

Latest updateMay 13

Description

An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Specially crafted input, in multiple parameters, can cause a malicious scripts to be executed by a victim.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

▶NVDmoxa/awk-3131a_firmware1.1

▶CVEListV5moxa/awk-3131a_series_industrial_ieee_802.11a_b_g_n_wireless_ap_bridge_client1.1

🔴Vulnerability Details

GHSA

GHSA-g7pm-6346-7f46: An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point runnin↗2022-05-13

▶

CVEList

CVE-2016-8719: An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point runnin↗2017-04-12

▶