CVE-2023-33237
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Aug 17, 2023
Updated: Aug 22, 2023
CWE ID 287
Summary
CVE-2023-33237 is a vulnerability affecting the TN-5900 Series firmware version 3.3 and prior. This issue stems from insufficient authentication measures in the web API handler. As a result, low-privileged APIs can perform actions reserved for high-privileged APIs, increasing the risk of unauthorized exploitation by malicious actors. This vulnerability may allow attackers to gain unauthorized access to restricted functionalities.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- MOXA Inc.