Vulnerabilities > CVE-2017-12124 - NULL Pointer Dereference vulnerability in Moxa Edr-810 Firmware 4.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in the web server crashing. An attacker can send a crafted URI to trigger this vulnerability.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 | |
| Hardware | 1 |
Common Weakness Enumeration (CWE)
Seebug
| bulletinFamily | exploit |
| description | ### Summary An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in the web server crashing. An attacker can send a crafted URI to trigger this vulnerability. ### Tested Versions Moxa EDR-810 V4.1 build 17030317 ### Product URLs https://www.moxa.com/product/EDR-810.htm ### CVSSv3 Score 7.5 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ### CWE CWE-20 - Improper Input Validation ### Details When the web server is processing HTTP requests it checks the first character of the URI for a / (0x2F). If the first character is not a 0x2F the service will crash. ``` .text:00061460 LDR R3, [R11,#s1] .text:00061464 LDRB R3, [R3] .text:00061468 CMP R3, #0x2F ; '/' .text:0006146C BEQ loc_61454 ``` ### Exploit Proof-of-Concept ``` echo 'GET A HTTP/1.1' | nc -nv 192.168.127.254 80 ``` ### Timeline * 2017-11-15 - Vendor Disclosure * 2017-11-19 - Vendor Acknowledged * 2017-12-25 - Vendor provided timeline for fix (Feb 2018) * 2018-01-04 - Timeline pushed to mid-March per vendor * 2018-03-24 - Talos follow up with vendor for release timeline * 2018-03-26 - Timeline pushed to 4/13/18 per vendor * 2018-04-12 - Vendor patched & published new firmware on website * 2018-04-13 - Public Release |
| id | SSV:97228 |
| last seen | 2018-06-26 |
| modified | 2018-04-16 |
| published | 2018-04-16 |
| reporter | My Seebug |
| source | https://www.seebug.org/vuldb/ssvid-97228 |
| title | Moxa EDR-810 Web Server URI Denial of Service Vulnerability(CVE-2017-12124) |
Talos
| id | TALOS-2017-0476 |
| last seen | 2019-05-29 |
| published | 2018-04-13 |
| reporter | Talos Intelligence |
| source | http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0476 |
| title | Moxa EDR-810 Web Server URI Denial of Service Vulnerability |