CVE-2016-8723

Summary

An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Any HTTP GET request not preceded by an '/' will cause a segmentation fault in the web server. An attacker can send any of a multitude of potentially unexpected HTTP get requests to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
MoxaAWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client1.1affected

Weaknesses

  • Denial of Service

ADP Enrichment

CVE Program Container

Additional References

References