MXsecurity Hardcoded Credential Vulnerability

CVE-2023-33236

9.8CRITICAL

Key Information

Vendor: Moxa
Status: MXsecurity Series
Vendor: CVE Published:; 22 May 2023

Summary

MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. This vulnerability has been reported that can be exploited to craft arbitrary JWT tokens and subsequently bypass authentication for web-based APIs.

Affected Version(s)

MXsecurity Series = 1.0

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
May 22, 2023
Vulnerability Reserved.
May 19, 2023

Collectors

NVD DatabaseMitre Database