Wdr 3124A Us Firmware
Monthly
Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Certain MOXA devices allow reflected XSS via the Config Import menu. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Certain MOXA devices allow reflected XSS via the Config Import menu. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.