TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from inadequate input validation in the certificate management function, which could potentially allow malicious users to execute remote code on affected devices.
References
Link | Resource |
---|---|
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities | Patch Vendor Advisory |
Configurations
History
28 Oct 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-78 | |
Summary | (en) TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from inadequate input validation in the certificate management function, which could potentially allow malicious users to execute remote code on affected devices. |
22 Aug 2023, 19:10
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
References | (MISC) https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities - Patch, Vendor Advisory | |
First Time |
Moxa tn-4900 Firmware
Moxa Moxa tn-5900 Firmware Moxa tn-4900 Moxa tn-5900 |
|
CWE | CWE-77 | |
CPE | cpe:2.3:h:moxa:tn-5900:-:*:*:*:*:*:*:* cpe:2.3:o:moxa:tn-4900_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:moxa:tn-4900:-:*:*:*:*:*:*:* cpe:2.3:o:moxa:tn-5900_firmware:*:*:*:*:*:*:*:* |
17 Aug 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-17 03:15
Updated : 2024-10-28 06:15
NVD link : CVE-2023-33238
Mitre link : CVE-2023-33238
CVE.ORG link : CVE-2023-33238
JSON object : View
Products Affected
moxa
- tn-5900
- tn-4900
- tn-4900_firmware
- tn-5900_firmware