Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-9332

CWE-3994 documents4 sources
Severity
7.5HIGH
EPSS
29.7%
top 3.38%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Moxa Softcms
Timeline
PublishedFeb 13
Latest updateMay 17

Description

An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. Moxa SoftCMS Webserver does not properly validate input. An attacker could provide unexpected values and cause the program to crash or excessive consumption of resources could result in a denial-of-service condition.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5moxa_softcms_prior_to_version_1.6Moxa SoftCMS prior to Version 1.6
NVDmoxa/softcms1.5

🔴Vulnerability Details

2
GHSA
GHSA-55xr-gqp7-q7ff: An issue was discovered in Moxa SoftCMS versions prior to Version 12022-05-17
CVEList
CVE-2016-9332: An issue was discovered in Moxa SoftCMS versions prior to Version 12017-02-13

💥Exploits & PoCs

1
Exploit-DB
Moxa SoftCMS 1.5 - Denial of Service (PoC)2016-11-18
CVE-2016-9332 (HIGH CVSS 7.5) | An issue was discovered in Moxa Sof | cvebase.io