Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
May 30, 2023
Severity High Analysis Summary Recently, researchers discovered an advanced phishing method called “file archiver in the browser” that exploits .ZIP domains to deceive unsuspecting individuals. This […]May 28, 2023Severity High Analysis Summary An email protection and network security services provider has issued a warning regarding a zero-day vulnerability that has been exploited to compromise […]May 26, 2023Severity High Analysis Summary CVE-2023-32165 CVSS:9.8 D-Link D-View could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in TftpReceiveFileHandler […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
May 30, 2023Severity High Analysis Summary Recently, researchers discovered an advanced phishing method called “file archiver in the browser” that exploits .ZIP domains to deceive unsuspecting individuals. This […]May 28, 2023Severity High Analysis Summary An email protection and network security services provider has issued a warning regarding a zero-day vulnerability that has been exploited to compromise […]May 26, 2023Severity High Analysis Summary CVE-2023-32165 CVSS:9.8 D-Link D-View could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in TftpReceiveFileHandler […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Rewterz Threat Alert – Malspam Pushing Ursnif Infection with Dridex Trojan
December 4, 2019Rewterz Threat Alert – Shamoon 2: Disttrack Wiper Returns
December 5, 2019
Severity
High
Analysis Summary
CVE-2018-10690
The device uses HTTP traffic by default allowing insecure communication to the web server, which could allow an attacker to compromise sensitive data such as credentials.
CVE-2018-10691
An attacker can navigate to a URL and download the system log without authentication, which may allow access to sensitive information.
CVE-2018-10692
A cross-site scripting attack allows access to session cookies, which may allow an attacker to login into the device.
CVE-2018-10693
An unauthorized user may execute network troubleshooting commands to cause a buffer overflow condition, which may allow the attacker to execute commands on the device.
CVE-2018-10694
The Wi-Fi connection used to set up the device is not encrypted by default, which may allow an attacker to capture sensitive data.
CVE-2018-10695
An unauthorized user may cause a buffer overflow using the device alert functionality, which may allow the attacker to execute commands on the device.
CVE-2018-10696
The web interface is not protected against CSRF attacks, which may allow an attacker to trick a user into executing commands or actions by clicking a malicious link.
CVE-2018-10697
An unauthorized user may inject malicious commands into the system while using network troubleshooting functions, which may allow the attacker to execute unauthorized commands on the device.
CVE-2018-10698
The system enables an insecure service by default, which may allow an attacker to view sensitive information or modify information being transmitted through a man-in-the-middle attack.
CVE-2018-10699
An unauthorized user can inject malicious commands while using system certificate functions, which may allow the attacker to execute unauthorized commands on the device.
CVE-2018-10700
An unauthorized user can execute an XSS attack, which may allow the injection of a malicious payload on the server.
CVE-2018-10701
An unauthorized user may cause a buffer overflow on the system using system troubleshooting functions, which may allow the attacker to execute commands.
CVE-2018-10702
An unauthorized user may inject malicious commands on the system using system troubleshooting functions, which may allow the attacker to execute commands on the device.
CVE-2018-10703
An unauthorized user may cause a buffer overflow on the system using system troubleshooting functions, which may allow the attacker to execute commands on the device.
Impact
- Exposure of sensitive information,
- Cause availability issues
- Execute remote code.
Affected Vendors
Moxa
Affected Products
AWK-3121: All Versions 1.14 and prior
Remediation
This device has reached end of life and has been replaced by model AWK-1131A.
Moxa recommends users apply the latest security patch: