VYPR
← All advisories
Unrated severityNVD Advisory· Published Aug 17, 2023· Updated Oct 28, 2024

Command-injection Vulnerability in Certificate Management

CVE-2023-33238

Description

TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from inadequate input validation in the certificate management function, which could potentially allow malicious users to execute remote code on affected devices.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Command injection in Moxa TN-4900/TN-5900 series certificate management allows remote code execution via inadequate input validation.

Vulnerability

A command injection vulnerability exists in the certificate management function of Moxa TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior [1]. The issue stems from inadequate input validation, allowing an attacker to inject arbitrary OS commands via crafted input to the certificate management interface [1]. The affected products also include EDR-810, EDR-G902, EDR-G903, EDR-G9010, and NAT-102 series running affected firmware versions [1].

Exploitation

An attacker must have network access to the affected device's web server and be able to reach the certificate management function [1]. No prior authentication is explicitly required; the vulnerability can be triggered by sending specially crafted requests to the certificate management endpoint [1]. The attacker injects commands through input fields that are not properly sanitized, leading to command execution [1].

Impact

Successful exploitation allows an unauthenticated remote attacker to execute arbitrary OS commands on the affected device with the privileges of the web server process [1]. This can lead to full compromise of the device, including data exfiltration, configuration manipulation, or further lateral movement within the network [1].

Mitigation

Moxa has released firmware updates to address the vulnerability: TN-5900 Series firmware v3.4 and later, TN-4900 Series firmware v1.3.0 and later, and similar updates for other affected product series [1]. Users should apply the latest firmware from Moxa's support site [1]. Mitigation includes minimizing network exposure and using VPNs for remote access [1].

References
  1. TN-5900 and TN-4900 Series Web Server Multiple Vulnerabilities | Moxa

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

9
  • Moxa/TN-5900 Seriesllm-fuzzy2 versions
    <=v3.3+ 1 more
    • (no CPE)range: <=v3.3
    • (no CPE)range: 1.0
  • Moxa/TN-4900 Seriesllm-fuzzy2 versions
    <=v1.2.4+ 1 more
    • (no CPE)range: <=v1.2.4
    • (no CPE)range: 1.0
  • Moxa/EDR-810 Seriesv5
    Range: 1.0
  • Moxa/EDR-G9010 Seriesv5
    Range: 1.0
  • Moxa/EDR-G902cpe-rescue
    Range: 1.0
  • Moxa/Edr G903cpe-rescue
    Range: 1.0
  • Moxa/NAT-102 Seriesv5
    Range: 1.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.