CVE-2024-9139
published 2024-10-14CVE-2024-9139: The affected product permits OS command injection through improperly restricted commands, potentially allowing attackers to execute arbitrary code.
high8.6CVSS 4.0
AVNACLATNPRHUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
The affected product permits OS command injection through improperly restricted commands, potentially allowing attackers to execute arbitrary code.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| moxa | edf-g1002-bp_series | 1.0 – 3.12.1 | — |
| moxa | edr-8010_series | 1.0 – 3.12.1 | — |
| moxa | edr-810_series | 1.0 – 5.12.33 | — |
| moxa | edr-g9004_series | 1.0 – 3.12.1 | — |
| moxa | edr-g9010_series | 1.0 – 3.12.1 | — |
| moxa | nat-102_series | 1.0 – 1.0.5 | — |
| moxa | oncell_g4302-lte4_series | 1.0 – 3.9 | — |
| moxa | tn-4900_series | 1.0 – 3.6 | — |