Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authentication Bypass Without Administrator Privilege
Vulnerability Description
TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication vulnerability. This vulnerability arises from inadequate authentication measures implemented in the web API handler, allowing low-privileged APIs to execute restricted actions that only high-privileged APIs are allowed This presents a potential risk of unauthorized exploitation by malicious actors.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
授权机制不正确
Vulnerability Title
MOXA TN-5900 授权问题漏洞
Vulnerability Description
MOXA TN-5900是中国摩莎(MOXA)公司的一系列工业防火墙路由器。 MOXA TN-5900 v3.3 版本之前存在安全漏洞,该漏洞源于 Web API 处理程序中实施的身份验证措施不足,允许低特权 API 执行仅允许高特权 API 执行的受限操作。
CVSS Information
N/A
Vulnerability Type
N/A