Intrusion Prevention

Moxa.AWK-313A.Web.APP.CSRF

Description

This indicates an attack attempt to exploit an Cross-Site Request-Forgery Vulnerability in Moxa AWK-3131A Wireless Access Point.
The vulnerability is due to insufficient sanitization of user supplied inputs in the application. An attacker may exploit this to cause the server to perform certain actions in the context of an authorized user's session and gain unauthorized access to the affected application.

Affected Products

Moxa AWK-3131A Wireless Access Point firmware 1.1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are unaware of any vendor supplied patch or updates available for this issue.
To mitigate risk of exploitation, disable the web application before the device is deployed.

CVE References

CVE-2016-8718