cvedb.io
CVE-2016-8720
MEDIUM · CVSS 4.3
EPSS exploitation probability: 0%
Published 2017-04-13T19:59:00.237 · Last modified 2026-06-17T00:54:52.717

Summary

An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted HTTP request can inject a payload in the bkpath parameter which will be copied in to Location header of the HTTP response.

Affected products

moxa — awk-3131a_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when moxa ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.