1.0.1

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

moxa

CWE-913

NVD

Published: 2023-09-02

Updated: 2023-09-08

Summary

A vulnerability that poses a potential risk of polluting the MXsecurity sqlite database and the nsm-web UI has been identified in MXsecurity versions prior to v1.0.1. This vulnerability might allow an unauthenticated remote attacker to register or add devices via the nsm-web application.

Vulnerable Configurations

Part	Description	Count
Application	Moxa Moxa Mxsecurity 1.0 Moxa Mxsecurity 1.0.1	2

Common Weakness Enumeration (CWE)

CWE-913 - Improper Control of Dynamically-Managed Code Resources

References

https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities