CVE-2016-8720

Summary

An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted HTTP request can inject a payload in the bkpath parameter which will be copied in to Location header of the HTTP response.

Affected Software

VendorProductVersion RangeStatus
MoxaAWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client1.1affected

Weaknesses

  • HTTP Header Injection vulnerabilty

ADP Enrichment

CVE Program Container

Additional References

References