CVE-2021-38454
Moxa MXview Network Management Software
In short
A flaw in Moxa MXview Network Management Software allows attackers to create or overwrite critical files on the system by exploiting how the software handles file paths. This can lead to unauthorized code execution and complete system compromise.
Technical detail
Path traversal vulnerability in MXview 3.x–3.2.2 permits an unauthenticated or low-privileged attacker to traverse directory structures and write arbitrary files (programs, libraries) to locations used for code execution. The vulnerability stems from insufficient input validation on file path parameters, enabling arbitrary file creation/overwrite without proper access controls, resulting in remote code execution.
Summary generated and translated by AI from the official description.
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
Moxa · MXview Network Management SoftwareWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →