What is CVE-2023-39980?

CVE-2023-39980 is a high-severity vulnerability in Moxa Mxsecurity Series, classified under SQL Injection. CVSS score: 7.1/10. Published 2023-09-02.

How severe is CVE-2023-39980?

High severity. CVSS v3 base score is 7.1 out of 10.

Is CVE-2023-39980 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

SQL Injection in Moxa Mxsecurity Series

CVE-2023-39980

A vulnerability that allows the unauthorized disclosure of authenticated information has been identified in MXsecurity versions prior to v1.0.1. This vulnerability arises when special elements are not neutralized correctly, allowing remote…

Vulnerability class: SQL Injection

EPSS: 0.005 (67.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.1 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N.

Affected products

Moxa Mxsecurity Series — versions 1.0

Weakness classification (CWE)

CWE-89 — SQL Injection

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds

References

www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurit… (vendor-advisory)

Frequently asked questions

What is CVE-2023-39980?: CVE-2023-39980 is a high-severity vulnerability in Moxa Mxsecurity Series, classified under SQL Injection. CVSS score: 7.1/10. Published 2023-09-02.
How severe is CVE-2023-39980?: High severity. CVSS v3 base score is 7.1 out of 10.
Is CVE-2023-39980 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.