CVE-2016-8723
An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Any HTTP GET request not preceded by an ‘/’ will cause a segmentation fault in the web server. An attacker can send any of a multitude of potentially unexpected HTTP get requests to trigger this vulnerability.
Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client 1.1
http://www.moxa.com/product/AWK-3131A.htm
7.5 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. Any HTTP GET request not preceded by an ‘/’ will cause a segmentation fault in the web server. An attacker can send any of a multitude of potentially unexpected HTTP GET requests to trigger this vulnerability.
There is no way to restart the web application using legitimate functionality outside of rebooting the device.
The following is one of many HTTP GET requests which will result in a web server segmentation fault: GET a HTTP/1.1
To significantly mitigate risk of exploitation, disable the web application before the device is deployed.
2016-11-18 - Vendor Disclosure
2017-04-10 - Public Release
Discovered by Patrick DeSantis of Cisco Talos.