CVE-2023-33238

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 17, 2023

Updated: Aug 22, 2023

CWE ID 77

Summary

CVE-2023-33238 is a command injection vulnerability affecting the TN-4900 Series firmware versions prior to v1.2.5 and the TN-5900 Series firmware versions prior to v3.4. This vulnerability arises due to insufficient input validation in the certificate management function, enabling malicious users to inject and execute arbitrary commands on vulnerable devices remotely.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MOXA Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sXt2GO
https://www.cve.org/CVERecord?id=CVE-2023-33238
https://nvd.nist.gov/vuln/detail/CVE-2023-33238

Back to Vulnerability Database

CVE-2023-33238

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations