06 April 2018

Critical vulnerability closed in Moxa AWK-3131A industrial access point

A critical vulnerability has been identified in the Moxa AWK-3131A industrial access point. It affects firmware versions 1.4 and later and could allow a remote attacker to execute arbitrary code on the device without authentication.

The highest possible CVSS v.3 base score of 10.0 has been calculated for the vulnerability, which has been assigned the ID CVE-2017-14459. The problem exists due to the possibility of injecting commands via the system log of failed authentication attempts: under certain conditions, the device treats the value of the username field as a command. This could allow a remote client to send virtually any requests to the access point with superuser privileges.

Exploitation of the vulnerability has been confirmed via Telnet, SSH, and the local console port. According to Cisco Talos experts, authorization via the web application may be insecure, as well.

Older firmware versions (1.3 and earlier) are also vulnerable but harder to exploit.

Moxa has released a firmware update which closes the vulnerability.

Source: Cisco Talos