CVE-2016-8720
published 2017-04-13CVE-2016-8720: An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware…
medium4.3CVSS 3.1
AVNACLPRNUIRSUCNILAN
An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted HTTP request can inject a payload in the bkpath parameter which will be copied in to Location header of the HTTP response.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| moxa | awk-3131a_firmware | — | — |
| moxa | awk-3131a_series_industrial_ieee_802.11a_b_g_n_wireless_ap_bridge_client | — | — |