CVE-2023-34216
published 2023-08-17CVE-2023-34216: TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability…
high8.1CVSS 3.1
AVNACLPRLUINSUCNIHAH
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability derives from insufficient input validation in the key-delete function, which could potentially allow malicious users to delete arbitrary files.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| moxa | edr-g9010_series | 1.0 – 2.1 | — |
| moxa | edr-g902_series | 1.0 – 5.7.17 | — |
| moxa | edr-g903_series | 1.0 – 5.7.15 | — |
| moxa | nat-102_series | 1.0 – 1.0.3 | — |
| moxa | tn-4900_firmware | <= 1.2.4 | — |
| moxa | tn-4900_series | 1.0 – 1.2.4 | — |
| moxa | tn-5900_firmware | <= 3.3 | — |
| moxa | tn-5900_series | 1.0 – 3.3 | — |