CVE-2023-33237

Name of the Vulnerable Software and Affected Versions Moxa TN-5900 Series firmware version v3.3 and prior

Description The issue is related to improper authentication in the web API handler of the Moxa TN-5900 Series firmware, allowing low-privileged APIs to execute restricted actions. This presents a potential risk of unauthorized exploitation by malicious actors. The vulnerability arises from inadequate authentication measures implemented in the web API handler.

Recommendations For Moxa TN-5900 Series firmware version v3.3 and prior, consider restricting access to the web API handler until a patch is available. As a temporary workaround, limit the execution of restricted actions to only high-privileged APIs. At the moment, there is no information about a newer version that contains a fix for this vulnerability.