CVE-2024-9140

🗓️ 03 Jan 2025 08:26:18Reported by MoxaType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 73 Views

Critical vulnerability CVE-2024-9140 affects Moxa routers allowing OS command injection risks.

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2024-9140	3 Jan 202508:33	–	circl
CNNVD	MOXA多款产品安全漏洞	3 Jan 202500:00	–	cnnvd
Cvelist	CVE-2024-9140	3 Jan 202508:26	–	cvelist
EUVD	EUVD-2024-50435	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Moxa's cellular routers and network security devices	6 Jan 202507:49	–	ncsc
NVD	CVE-2024-9140	3 Jan 202509:15	–	nvd
Positive Technologies	PT-2025-1001 · Moxa · Moxa Secure Routers +2	3 Jan 202500:00	–	ptsecurity
RedhatCVE	CVE-2024-9140	5 Feb 202504:28	–	redhatcve
The Hacker News	Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches	11 Mar 202506:45	–	thn
The Hacker News	⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]	13 Jan 202512:05	–	thn

[
  {
    "defaultStatus": "unaffected",
    "product": "EDR-8010 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "3.13.1",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "EDR-G9004 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "3.13.1",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "EDR-G9010 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "3.13.1",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "EDF-G1002-BP Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "3.13.1",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NAT-102 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "1.0.5",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "OnCell G4302-LTE4 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "3.13",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "TN-4900 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "3.13",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
moxa	www.moxa.com/en/support/product-support/security-advisory/mpsa-241155-privilege-escalation-and-os-command-injection-vulnerabilities-in-cellular-routers,-secure-routers,-and-netwo

15 Apr 2026 00:35Current

8.1High risk

Vulners AI Score8.1

CVSS 49.3

CVSS 3.19.8

EPSS0.00721

SSVC

CWE-78