CVE-2023-33235: Command Injection
First published: Mon May 22 2023(Updated: )
MXsecurity version 1.0 is vulnearble to command injection vulnerability. This vulnerability has been reported in the SSH CLI program, which can be exploited by attackers who have gained authorization privileges. The attackers can break out of the restricted shell and subsequently execute arbitrary code.
Credit: psirt@moxa.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Moxa Mxsecurity | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for MXsecurity version 1.0?
The vulnerability ID for MXsecurity version 1.0 is CVE-2023-33235.
What is the severity of CVE-2023-33235?
The severity of CVE-2023-33235 is high with a CVSS score of 8.8.
What is the affected software for CVE-2023-33235?
The affected software for CVE-2023-33235 is MXsecurity version 1.0.
What is the description of CVE-2023-33235?
CVE-2023-33235 is a command injection vulnerability in MXsecurity version 1.0 that allows attackers with authorization privileges to execute arbitrary commands.
How can I fix CVE-2023-33235?
To fix CVE-2023-33235, it is recommended to update to a patched version of MXsecurity that addresses the command injection vulnerability.
- collector/nvd-index
- vendor/moxa
- canonical/moxa mxsecurity
- version/moxa mxsecurity/1.0