CVE-2023-34214
published 2023-08-17CVE-2023-34214: TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-generation function, which could potentially allow malicious users to execute remote code on affected devices.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| moxa | edr-810_series | 1.0 – 5.12.27 | — |
| moxa | edr-g902_series | 1.0 – 5.7.17 | — |
| moxa | edr-g903_series | 1.0 – 5.7.15 | — |
| moxa | tn-4900_firmware | <= 1.2.4 | — |
| moxa | tn-4900_series | 1.0 – 1.2.4 | — |
| moxa | tn-5900_firmware | <= 3.3 | — |
| moxa | tn-5900_series | 1.0 – 3.3 | — |