Vulnerability Description
An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Series, TAP-6226 Series, AWK-3121/4121 Series, AWK-3131/4131 Series, and AWK-5222/6222 Series. User is able to execute arbitrary OS commands on the server.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Moxa | Oncellg3470A-Lte Firmware | <= 10-31-2016 |
| Moxa | Oncellg3470A-Lte | - |
| Moxa | Awk-4131A Firmware | <= 10-31-2016 |
| Moxa | Awk-4131A | - |
| Moxa | Awk-3191 Firmware | <= 05-30-2017 |
| Moxa | Awk-3191 | - |
| Moxa | Awk-5232 Firmware | <= 05-30-2017 |
| Moxa | Awk-5232 | - |
| Moxa | Awk-6232 Firmware | <= 05-30-2017 |
| Moxa | Awk-6232 | - |
| Moxa | Awk-1121 Firmware | <= 06-29-2017 |
| Moxa | Awk-1121 | - |
| Moxa | Awk-1127 Firmware | <= 06-29-2017 |
| Moxa | Awk-1127 | - |
| Moxa | Wac-1001 V2 Firmware | <= 06-29-2017 |
| Moxa | Wac-1001 V2 | - |
| Moxa | Wac-2004 Firmware | <= 06-29-2017 |
| Moxa | Wac-2004 | - |
| Moxa | Awk-3121-M12-Rtg Firmware | <= 06-29-2017 |
| Moxa | Awk-3121-M12-Rtg | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/94092Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-16-308-01Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/94092Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-16-308-01Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2016-8363?
CVE-2016-8363 is a vulnerability with a CVSS score of 10.0 (CRITICAL). An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RT...
How severe is CVE-2016-8363?
CVE-2016-8363 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2016-8363?
Check the references section above for vendor advisories and patch information. Affected products include: Moxa Oncellg3470A-Lte Firmware, Moxa Oncellg3470A-Lte, Moxa Awk-4131A Firmware, Moxa Awk-4131A, Moxa Awk-3191 Firmware.