March 22, 2024
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]
Rewterz Threat Alert – Malspam Pushing Ursnif Infection with Dridex Trojan
December 4, 2019
Rewterz Threat Alert – Shamoon 2: Disttrack Wiper Returns
December 5, 2019
Rewterz Threat Alert – Malspam Pushing Ursnif Infection with Dridex Trojan
December 4, 2019
Rewterz Threat Alert – Shamoon 2: Disttrack Wiper Returns
December 5, 2019
Severity
High
Analysis Summary
CVE-2018-10690
The device uses HTTP traffic by default allowing insecure communication to the web server, which could allow an attacker to compromise sensitive data such as credentials.
CVE-2018-10691
An attacker can navigate to a URL and download the system log without authentication, which may allow access to sensitive information.
CVE-2018-10692
A cross-site scripting attack allows access to session cookies, which may allow an attacker to login into the device.
CVE-2018-10693
An unauthorized user may execute network troubleshooting commands to cause a buffer overflow condition, which may allow the attacker to execute commands on the device.
CVE-2018-10694
The Wi-Fi connection used to set up the device is not encrypted by default, which may allow an attacker to capture sensitive data.
CVE-2018-10695
An unauthorized user may cause a buffer overflow using the device alert functionality, which may allow the attacker to execute commands on the device.
CVE-2018-10696
The web interface is not protected against CSRF attacks, which may allow an attacker to trick a user into executing commands or actions by clicking a malicious link.
CVE-2018-10697
An unauthorized user may inject malicious commands into the system while using network troubleshooting functions, which may allow the attacker to execute unauthorized commands on the device.
CVE-2018-10698
The system enables an insecure service by default, which may allow an attacker to view sensitive information or modify information being transmitted through a man-in-the-middle attack.
CVE-2018-10699
An unauthorized user can inject malicious commands while using system certificate functions, which may allow the attacker to execute unauthorized commands on the device.
CVE-2018-10700
An unauthorized user can execute an XSS attack, which may allow the injection of a malicious payload on the server.
CVE-2018-10701
An unauthorized user may cause a buffer overflow on the system using system troubleshooting functions, which may allow the attacker to execute commands.
CVE-2018-10702
An unauthorized user may inject malicious commands on the system using system troubleshooting functions, which may allow the attacker to execute commands on the device.
CVE-2018-10703
An unauthorized user may cause a buffer overflow on the system using system troubleshooting functions, which may allow the attacker to execute commands on the device.
Impact
- Exposure of sensitive information,
- Cause availability issues
- Execute remote code.
Affected Vendors
Moxa
Affected Products
AWK-3121: All Versions 1.14 and prior
Remediation
This device has reached end of life and has been replaced by model AWK-1131A.
Moxa recommends users apply the latest security patch: