CVE-2016-8718 HIGH

CVE-2016-8718

Vendor Moxa
Product AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client
Published April 12, 2017
Last update August 6, 2024

CVSS base score

7.5/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted form can trick a client into making an unintentional request to the web server which will be treated as an authentic request.

Key dates

02Disclosure timeline

April 12, 2017 CVE published
August 6, 2024 Record updated