As of June 15, 2022, this site no longer supports Internet Explorer. Please use another browser for the best experience on our site.

Product support

Security Advisories

SUMMARY

TN-5900 and TN-4900 Series Web Server Multiple Vulnerabilities

TN-5900 Series prior to version 3.3 and the TN-4900 Series prior to version 1.2.4 are affected by multiple web server vulnerabilities. Insufficient input validation causes these vulnerabilities. An attacker could exploit the vulnerabilities by sending crafted input to the web service. If exploited successfully, these vulnerabilities could lead to Denial-of-Service, remote code execution, and privilege escalation. 

The identified vulnerability types and potential impacts are shown below: 

Item Vulnerability Type Impact
1

Improper Authentication (CWE-287) 

CVE-2023-33237 

An attacker can use brute force to break the authentication parameters. 
2

Improper Neutralization of Special Elements used in a Command ('Command Injection') (CWE-77) 

CVE-2023-33238, CVE-2023-33239, CVE-2023-34213, CVE-2023-34214, CVE-2023-34215 

An attacker located remotely can execute arbitrary commands on the device via a web interface. 
3

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) 

CVE-2023-34216, CVE-2023-34217 

An attacker may be able to create or overwrite critical files that are used to execute code, such as programs or libraries. 

 

Vulnerability Scoring Details

ID CVSS v3.1 Vector Remote Exploit without Auth? 
CVE-2023-33237  8.8  AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  No
CVE-2023-33238  7.2  AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H  No
CVE-2023-33239  8.8  AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  No
CVE-2023-34213  8.8  AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  No
CVE-2023-34214  7.2  AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H  No
CVE-2023-34215  7.2  AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H  No
CVE-2023-34216  8.1  AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H  No
CVE-2023-34217  8.1  AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H  No
AFFECTED PRODUCTS AND SOLUTIONS

Affected Products:

The affected products and firmware versions are shown below. 

Product Series Affected Versions
TN-5900 Series

Firmware version v3.3 and prior versions  

CVE-2023-33237, CVE-2023-33238, CVE-2023-33239, CVE-2023-34213, CVE-2023-34214, CVE-2023-34215, CVE-2023-34216, CVE-2023-34217 

TN-4900 Series 

Firmware version v1.2.4 and prior versions  

CVE-2023-33238, CVE-2023-33239, CVE-2023-34214, CVE-2023-34216, CVE-2023-34217 

EDR-810 Series

Firmware version v5.12.27 and prior versions

CVE-2023-33238, CVE-2023-33239, CVE-2023-34214

EDR-G902 Series

Firmware version v5.7.17 and prior versions

CVE-2023-33238, CVE-2023-33239, CVE-2023-34214, CVE-2023-34216, CVE-2023-34217 

EDR-G903 Series

Firmware version v5.7.15 and prior versions

CVE-2023-33238, CVE-2023-33239, CVE-2023-34214, CVE-2023-34216, CVE-2023-34217 

EDR-G9010 Series

Firmware version v2.1 and prior versions

CVE-2023-33238, CVE-2023-33239, CVE-2023-34216, CVE-2023-34217 

NAT-102 Series

Firmware version v1.0.3 and prior versions

CVE-2023-33238, CVE-2023-33239, CVE-2023-34216, CVE-2023-34217

 

Solutions:

Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for the affected products are shown below. 

Product Series Solutions
TN-5900 Series  Please upgrade to firmware v3.4 or higher. 
TN-4900 Series 
Please upgrade to firmware v3.0 or higher.
EDR-810 Series Please upgrade to firmware v5.12.29 or higher.
EDR-G902 Series Please upgrade to firmware v5.7.21 or higher.
EDR-G903 Series Please upgrade to firmware v5.7.21 or higher.
EDR-G9010 Series Please upgrade to firmware v3.0 or higher.
NAT-102 Series Please upgrade to firmware v1.0.5 or higher.

 

Mitigation:

  • Minimize network exposure to ensure the device is not accessible from the Internet. 

  • When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). 

  • The starting point of all the above vulnerabilities is from the web service, so it is suggested to disable the web service temporarily if you completed configuration to prevent further damages from these vulnerabilities until you have installed the patch or updated the firmware.  

 

Products Confirmed Not Vulnerable:

Only products listed in the Affected Products section of this advisory are known to be affected by this vulnerability. 

 

Acknowledgment:

We would like to express our appreciation to Simon Janz of CODE WHITE GmbH for reporting the vulnerability, working with us to help enhance the security of our products, and helping us provide a better service to our customers. 

 

Revision History:

VERSION DESCRIPTION RELEASE DATE
1.0 First Release Aug. 16, 2023
1.1 Update Solution for TN-4900 Series Sept. 4, 2023
1.2 Add EDR-810 Series, EDR-G902 Series, EDR-G903 Series, EDR-G9010 Series, NAT-102 Series in Affected Products and Solutions sections Oct. 20, 2023

Relevant Products

EDR-810 Series · EDR-G9010 Series · EDR-G902 Series · EDR-G903 Series · NAT-102 Series · TN-4900 Series · TN-5900 Series ·

  •   Print this page
  • You can manage and share your saved list in My Moxa
Let’s get that fixed

If you are concerned about a potential cybersecurity vulnerability, please contact us and one of technical support staff will get in touch with you.

Report a Vulnerability
Added To Bag
You have some items waiting in your bag; click here to finish your quote!
Feedback