PatchSiren cyber security CVE debrief
CVE-2016-9333 Moxa CVE debrief
CVE-2016-9333 is a critical SQL injection vulnerability in Moxa SoftCMS versions prior to 1.6. According to the NVD record, specially crafted input can let a remote attacker access SoftCMS with administrator privileges. NVD assigns a CVSS 3.0 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H): network-reachable, no authentication or user interaction required, with high confidentiality, integrity and availability impact.
- Vendor: Moxa
- Product: SoftCMS
- CVE: CVE-2016-9333
- CVSS: CRITICAL 9.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2017-02-13
- Original CVE updated: 2026-05-13
- Advisory published: 2017-02-13
- Advisory updated: 2026-05-13
Who should care
Organizations running Moxa SoftCMS, especially versions 1.5 and earlier, should treat this as a high-priority issue. Security teams, OT/ICS administrators, and anyone exposing SoftCMS to untrusted networks should review affected deployments immediately.
Technical summary
The NVD entry maps the issue to CWE-89 (SQL Injection) and marks cpe:2.3:a:moxa:softcms:* as vulnerable through version 1.5. The flaw is user-controlled input reaching a SQL query without adequate sanitization or parameterization, which lets a remote attacker inject SQL and obtain administrator-level access. The record does not name the affected endpoint or parameter, so defenders cannot rely on blocking a single request path. The CVSS vector (PR:N/UI:N) shows that no privileges or user interaction are required, consistent with a pre-authentication flaw in a network-facing application.
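Because the record does not say where in SoftCMS the injection occurs, the following is a generic illustration of CWE-89 added for this debrief, not SoftCMS code: a login lookup built by string concatenation beside its parameterized form, run against a constructed in-memory SQLite table. The schema, the two accounts and the `admin' --` payload are assumptions made for the example.

```python
"""Added illustration of CWE-89: a login lookup built by string
concatenation next to the parameterized form. Constructed example; the
schema, accounts and payload are assumptions, not SoftCMS internals."""
import hashlib
import sqlite3


def _digest(password):
    # Plain SHA-256 keeps the example short; a real application must use a
    # password KDF (bcrypt, scrypt, Argon2) instead.
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def make_db():
    """Build an in-memory users table with two constructed accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash TEXT, role TEXT)"
    )
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [
            ("admin", _digest("correct horse"), "administrator"),
            ("operator", _digest("battery staple"), "operator"),
        ],
    )
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """Vulnerable: the username is spliced into the SQL text unescaped."""
    sql = (
        "SELECT role FROM users WHERE username = '" + username
        + "' AND pw_hash = '" + _digest(password) + "'"
    )
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_hardened(conn, username, password):
    """Hardened: bound parameters keep user input out of the SQL grammar."""
    row = conn.execute(
        "SELECT role FROM users WHERE username = ? AND pw_hash = ?",
        (username, _digest(password)),
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = make_db()
    payload = "admin' --"  # closes the literal, comments out the password check
    print("vulnerable:", login_vulnerable(db, payload, "wrong"))  # administrator
    print("hardened:  ", login_hardened(db, payload, "wrong"))    # None
```

With the payload `admin' --` the concatenated query reads `... WHERE username = 'admin' --' AND pw_hash = '...'`; SQLite treats everything after `--` as a comment, so the password clause never executes and the administrator row comes back with no valid credential. The bound-parameter form passes the same string as a value, finds no such user, and returns nothing. This is the general shape of an authentication-bypass SQL injection, whatever the actual SoftCMS injection point turns out to be.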
Defensive priority
Critical. The combination of remote exploitability, no authentication requirement, and full CIA impact makes this a top-priority remediation item for any exposed or operational SoftCMS instance.
Recommended defensive actions
- Identify all Moxa SoftCMS deployments and confirm whether any instance is running version 1.5 or earlier.
- Upgrade to SoftCMS version 1.6 or later, which is outside the affected range listed in the NVD record.
- If immediate upgrading is not possible, restrict network exposure to trusted management networks and limit access as much as operationally feasible.
- Review web-server, application and database logs for SQL syntax in request parameters (quotes, comment sequences such as --, UNION SELECT, tautologies such as OR 1=1), for database error messages, and for administrator logins from unexpected hosts or at unexpected times.
- Apply layered controls such as segmentation and access filtering to reduce reachability from untrusted networks.
- Reassess any remote administration paths that could expose SoftCMS to attackers and remove unnecessary exposure.
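As an added example for the log-review step above (not part of the original debrief and not SoftCMS tooling), a small scanner that URL-decodes the request target of each access-log line and flags common SQL fragments, then groups hits by client address. The log format, endpoint names, parameters and IP addresses are constructed for the example; the record does not document SoftCMS's own log format.

```python
"""Added example for reviewing access logs: URL-decode each request target
and flag SQL fragments. The log lines, endpoints and addresses below are
constructed for the example; SoftCMS's own log format is not documented
in the record."""
import re
from urllib.parse import unquote_plus

# Constructed sample lines in common log format (not real SoftCMS logs).
SAMPLE_LOG = """\
10.0.5.21 - - [13/Feb/2017:10:01:02 +0000] "GET /login.aspx?user=operator HTTP/1.1" 200 512
198.51.100.7 - - [13/Feb/2017:10:02:15 +0000] "GET /login.aspx?user=admin%27%20-- HTTP/1.1" 302 0
198.51.100.7 - - [13/Feb/2017:10:02:40 +0000] "GET /camera.aspx?id=1%20UNION%20SELECT%20username,pw_hash%20FROM%20users HTTP/1.1" 200 4096
198.51.100.7 - - [13/Feb/2017:10:03:01 +0000] "GET /camera.aspx?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 4096
10.0.5.30 - - [13/Feb/2017:10:04:00 +0000] "GET /camera.aspx?id=17 HTTP/1.1" 200 1024
10.0.5.30 - - [13/Feb/2017:10:04:30 +0000] "GET /report.aspx?name=Operator%20Report HTTP/1.1" 200 2048
"""

# client ident user [timestamp] "METHOD target HTTP/x" status
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

# Each rule is applied to the percent-decoded request target.
RULES = [
    ("quote-comment", re.compile(r"'\s*(--|/\*|#)")),
    ("union-select", re.compile(r"\bunion\b\s+(all\s+)?select\b", re.I)),
    ("tautology", re.compile(r"\bor\b\s+'?\w+'?\s*=\s*'?\w+", re.I)),
    ("stacked-query", re.compile(r";\s*(drop|insert|update|delete|exec)\b", re.I)),
]


def decode_target(target, rounds=3):
    """Percent-decode repeatedly so double-encoded payloads are also visible."""
    prev, cur = None, target
    for _ in range(rounds):
        if cur == prev:
            break
        prev, cur = cur, unquote_plus(cur)
    return cur


def scan_log(text):
    """Return one finding per log line whose decoded target trips a rule."""
    findings = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        decoded = decode_target(m.group("target"))
        hits = [name for name, rx in RULES if rx.search(decoded)]
        if hits:
            findings.append({
                "ip": m.group("ip"),
                "ts": m.group("ts"),
                "status": int(m.group("status")),
                "target": decoded,
                "rules": hits,
            })
    return findings


def count_by_ip(findings):
    """Group findings by client address to surface a host that is probing."""
    counts = {}
    for f in findings:
        counts[f["ip"]] = counts.get(f["ip"], 0) + 1
    return counts


if __name__ == "__main__":
    found = scan_log(SAMPLE_LOG)
    for f in found:
        print(f["ip"], f["status"], f["rules"], f["target"])
    print(count_by_ip(found))
```

Read the hits together with the response: a 302 after a quote-and-comment payload on the login endpoint is the pattern of a successful bypass, and a 200 with a large body on a UNION probe suggests data came back. Signature matching of this kind misses encoded or obfuscated payloads, so treat it as a triage aid and correlate with database-side logs and administrator login records rather than as proof of absence.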
Evidence notes
This debrief is based only on the supplied NVD-derived corpus and official links. The source record states that Moxa SoftCMS prior to version 1.6 is affected, describes the flaw as a SQL injection that can grant administrator privilege, and lists CWE-89 with CVSS 3.0 9.8. The record also cites ICS-CERT advisory ICSA-16-322-02 and SecurityFocus BID 94394 as references, but no additional claims are made beyond the supplied text.
Official resources
- CVE-2016-9333 CVE record (CVE.org)
- CVE-2016-9333 NVD detail (NVD)
- Source item: NVD modified feed (nvd_modified)
- SecurityFocus BID 94394: Third Party Advisory, VDB Entry
- ICS-CERT advisory ICSA-16-322-02: Mitigation, Third Party Advisory, US Government Resource
CVE published by NVD on 2017-02-13 and last modified on 2026-05-13. The supplied record indicates the issue affects SoftCMS versions prior to 1.6.