OS Command Injection Vulnerability in Moxa Cellular and Secure Routers
CVE-2024-9140

Currently unrated

Key Information:

Vendor
Moxa
Vendor
CVE Published:
3 January 2025

Badges

📰 News Worthy

Summary

The vulnerability allows for OS command injection in Moxa’s cellular and secure routers as well as network security appliances. This security flaw is a result of commands not being properly restricted, which could allow an attacker to execute arbitrary code on the affected devices. Such an exploit may lead to unauthorized access, compromised data integrity, and disruption of network services. Organizations deploying these products must take immediate precautions to assess risk and implement the necessary security measures to mitigate potential attacks.

News Articles

favicon imageBankInfoSecurity

Moxa Warns of Critical Industrial Router Vulnerabilities

Taiwanese industrial computing firm Moxa Technologies is warning customers about two high-severity vulnerabilities affecting its routers and network appliances,

9 hours ago

favicon imageHackread

Critical Vulnerabilities in Moxa Routers Allow Root Privilege Escalation

Critical vulnerabilities have been found in Moxa cellular routers and network security appliances including CVE-2024-9138 and CVE-2024-9140.

17 hours ago

favicon imageSC Media

Moxa patches two flaws in its OT devices, one a critical RCE  

Flaw considered serious since Moxa customers include leading industrial manufacturers and telecoms.

17 hours ago

References

https://www.moxa.com/en/support/product-support/security-...

Timeline

  • 📰

    First article discovered by CyberScoop

  • Vulnerability published

Collectors

NVD Database5 News Article(s)
.