CVE-2021-38452
Moxa MXview Network Management Software
In short
Moxa MXview Network Management Software has a flaw that allows attackers to create or overwrite critical files on the system, potentially enabling them to execute malicious code. This happens because the software doesn't properly validate file paths, allowing attackers to access directories they shouldn't.
Technical detail
A path traversal vulnerability (CWE-22) in Moxa MXview 3.x through 3.2.2 permits unauthenticated or low-privileged attackers to create or overwrite arbitrary files in protected directories by manipulating file path inputs. Exploitation could result in arbitrary code execution through overwriting executables or libraries, with a CVSS score of 7.5 indicating high severity.
Summary generated and translated by AI from the official description.
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected products
Moxa · MXview Network Management SoftwareWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →