Command-injection Vulnerability in Certificate Management
CVE-2023-33238
9.8CRITICAL
Key Information:
- Vendor
Moxa
- Vendor
- CVE Published:
- 17 August 2023
What is CVE-2023-33238?
The TN-4900 and TN-5900 Series firmware from Moxa contains a command injection vulnerability due to insufficient input validation within the certificate management function. This flaw allows attackers to potentially execute arbitrary commands remotely on the affected devices, posing significant security risks that could compromise device integrity and data confidentiality.
Affected Version(s)
EDR-810 Series 1.0 <= 5.12.27
EDR-G9010 Series 1.0 <= 2.1
EDR-G902 Series 1.0 <= 5.7.17