Moxa MXsecurity Series Detection

Binary data moxamxsecuritydetect.nbin...

Moxa MXsecurity Series Hard-coded JWT Key Authentication Bypass (CVE-2023-33236)

Binary data moxamxsecuritycve-2023-33236.nbin...

Moxa MXsecurity Series

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: MXsecurity Series Vulnerabilities: Command Injection and Use of Hard-Coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthorized...

Moxa MXsecurity Command Injection Vulnerability

Moxa MXsecurity is a management platform from China's Moxa MOXA Inc. It provides centralized visibility and security management to easily monitor and identify network threats and prevent security misconfigurations to create a robust threat defense. Moxa MXsecurity suffers from a command injection...

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on May 25, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-145-01 Moxa MXsecurity Series CISA encourages users and administrators to review the newly...

Moxa MXsecurity Series Restricted Shell Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Moxa MXsecurity Series appliances. Authentication is required to exploit this vulnerability. The specific flaw exists within the SSH CLI program. The issue results from the lack of proper validation ...

Moxa MXsecurity Series Hardcoded JWT Key Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Moxa MXsecurity Series appliances. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the web-based interface. The issue results from a...

CVE-2023-33236

MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. This vulnerability has been reported that can be exploited to craft arbitrary JWT tokens and subsequently bypass authentication for web-based APIs...

Hardcoded credentials

MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. This vulnerability has been reported that can be exploited to craft arbitrary JWT tokens and subsequently bypass authentication for web-based APIs...

CVE-2023-33236 MXsecurity Hardcoded Credential Vulnerability

MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. This vulnerability has been reported that can be exploited to craft arbitrary JWT tokens and subsequently bypass authentication for web-based APIs...

CVE-2023-33236 MXsecurity Hardcoded Credential Vulnerability

MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. This vulnerability has been reported that can be exploited to craft arbitrary JWT tokens and subsequently bypass authentication for web-based APIs...

CVE-2023-33236

CVE-2023-33236 affects Moxa MXsecurity Series software v1.0, where a vulnerability involving hard-coded credentials could be exploited to craft arbitrary JWT tokens and bypass authentication for web-based APIs. The issue enables remote exploitation with low attack complexity and no user interacti...

CVE-2023-33235

MXsecurity version 1.0 is vulnearble to command injection vulnerability. This vulnerability has been reported in the SSH CLI program, which can be exploited by attackers who have gained authorization privileges. The attackers can break out of the restricted shell and subsequently execute arbitrar...

CVE-2023-33235

MXsecurity version 1.0 is vulnearble to command injection vulnerability. This vulnerability has been reported in the SSH CLI program, which can be exploited by attackers who have gained authorization privileges. The attackers can break out of the restricted shell and subsequently execute arbitrar...

CVE-2023-33235

CVE-2023-33235 affects Moxa MXsecurity Series software v1.0, where the SSH CLI component is vulnerable to command injection. An attacker with authorization could break out of the restricted shell and execute arbitrary code. Mitigation/patch: upgrade to MXsecurity v1.0.1 or higher (per CISA ICSA a...

CVE-2023-33235 MXsecurity Command Injection Vulnerability

MXsecurity version 1.0 is vulnearble to command injection vulnerability. This vulnerability has been reported in the SSH CLI program, which can be exploited by attackers who have gained authorization privileges. The attackers can break out of the restricted shell and subsequently execute arbitrar...

CVE-2023-33235 MXsecurity Command Injection Vulnerability

MXsecurity version 1.0 is vulnearble to command injection vulnerability. This vulnerability has been reported in the SSH CLI program, which can be exploited by attackers who have gained authorization privileges. The attackers can break out of the restricted shell and subsequently execute arbitrar...

MOXA MXsecurity 命令注入漏洞

Moxa MXsecurity is a management platform from China's Moxa MOXA Inc. It provides centralized visibility and security management to easily monitor and identify network threats and prevent security misconfigurations to create a robust threat defense. Moxa MXsecurity suffers from a command injection...

MOXA MXsecurity 信任管理问题漏洞

MOXA MXsecurity is a management platform from China-based MOXA. It provides centralized visibility and security management to easily monitor and identify network threats and prevent security misconfigurations to create a robust threat defense. A security vulnerability exists in MOXA MXsecurity...

PT-2023-1633 · Unknown · Mxsecurity

Name of the Vulnerable Software and Affected Versions: MXsecurity version 1.0 Description: The issue is related to hardcoded credentials in MXsecurity, which can be exploited to craft arbitrary JWT tokens and bypass authentication for web-based APIs. This allows a remote attacker to elevate their...