CVE-2023-33235 MXsecurity Command Injection Vulnerability

🗓️ 22 May 2023 05:38:29Reported by MoxaType

MXsecurity 1.0 Command Injection Vulnerability SSH CLI

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerability of the application software interface of the software platform for managing security in industrial networks, MXSecurity, allows a perpetrator to execute arbitrary commands.	24 Mar 202300:00	–	bdu_fstec
Circl	CVE-2023-33235	22 May 202312:25	–	circl
CNNVD	MOXA MXsecurity 命令注入漏洞	22 May 202300:00	–	cnnvd
CNVD	Moxa MXsecurity Command Injection Vulnerability	28 May 202300:00	–	cnvd
CVE	CVE-2023-33235	22 May 202305:38	–	cve
EUVD	EUVD-2023-37404	3 Oct 202520:07	–	euvd
ICS	Moxa MXsecurity Series	31 May 202320:26	–	ics
NVD	CVE-2023-33235	22 May 202306:15	–	nvd
Prion	Command injection	22 May 202306:15	–	prion
Positive Technologies	PT-2023-1907 · Unknown · Mxsecurity	8 Mar 202300:00	–	ptsecurity

[
  {
    "defaultStatus": "unaffected",
    "product": "MXsecurity Series",
    "vendor": "Moxa",
    "versions": [
      {
        "status": "affected",
        "version": "1.0"
      }
    ]
  }
]

Source	Link
moxa	www.moxa.com/en/support/product-support/security-advisory/mxsecurity-command-injection-and-hardcoded-credential-vulnerabilities

22 May 2023 05:38Current

9.3High risk

Vulners AI Score9.3

CVSS 3.17.2

EPSS0.01602

CWE-77