Filtered by vendor Moxa Subscriptions
Filtered by product Tn-5900 Firmware Subscriptions
Total 11 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-3336 1 Moxa 2 Tn-5900, Tn-5900 Firmware 2024-11-21 5.3 Medium
TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability. The vulnerability may allow a remote attacker to determine whether a user is valid during password recovery through the web login page and enable a brute force attack with valid users.
CVE-2023-34217 1 Moxa 4 Tn-4900, Tn-4900 Firmware, Tn-5900 and 1 more 2024-11-21 8.1 High
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-delete function, which could potentially allow malicious users to delete arbitrary files.
CVE-2023-34216 1 Moxa 4 Tn-4900, Tn-4900 Firmware, Tn-5900 and 1 more 2024-11-21 8.1 High
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability derives from insufficient input validation in the key-delete function, which could potentially allow malicious users to delete arbitrary files.
CVE-2023-34215 1 Moxa 2 Tn-5900, Tn-5900 Firmware 2024-11-21 7.2 High
TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the certification-generation function, which could potentially allow malicious users to execute remote code on affected devices.
CVE-2023-34214 1 Moxa 7 Edr-810, Edr-g902, Edr-g903 and 4 more 2024-11-21 7.2 High
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-generation function, which could potentially allow malicious users to execute remote code on affected devices.
CVE-2023-34213 1 Moxa 2 Tn-5900, Tn-5900 Firmware 2024-11-21 8.8 High
TN-5900 Series firmware versions v3.3 and prior are vulnerable to command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the key-generation function, which could potentially allow malicious users to execute remote code on affected devices.
CVE-2023-33239 1 Moxa 9 Edr-810, Edr-g9010, Edr-g902 and 6 more 2024-11-21 8.8 High
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from insufficient input validation in the key-generation function, which could potentially allow malicious users to execute remote code on affected devices.
CVE-2023-33238 1 Moxa 8 Edr-810, Edr-g9010, Edr-g902 and 5 more 2024-11-21 7.2 High
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from inadequate input validation in the certificate management function, which could potentially allow malicious users to execute remote code on affected devices.
CVE-2023-33237 1 Moxa 2 Tn-5900, Tn-5900 Firmware 2024-11-21 8.8 High
TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication vulnerability. This vulnerability arises from inadequate authentication measures implemented in the web API handler, allowing low-privileged APIs to execute restricted actions that only high-privileged APIs are allowed This presents a potential risk of unauthorized exploitation by malicious actors.
CVE-2021-46560 1 Moxa 2 Tn-5900, Tn-5900 Firmware 2024-11-21 9.8 Critical
The firmware on Moxa TN-5900 devices through 3.1 allows command injection that could lead to device damage.
CVE-2021-46559 1 Moxa 2 Tn-5900, Tn-5900 Firmware 2024-11-21 7.5 High
The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to defeat an inspection mechanism for integrity protection.