An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can send this packet while unauthenticated to trigger this vulnerability.
References
Link | Resource |
---|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0938 | Exploit Technical Description Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: talos
Published: 2020-02-25T15:57:49
Updated: 2022-04-19T17:34:54
Reserved: 2019-01-04T00:00:00
Link: CVE-2019-5148
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-02-25T16:15:10.890
Modified: 2022-06-13T20:13:54.007
Link: CVE-2019-5148
JSON object: View
Redhat Information
No data.