Buffer Overflow Vulnerability in Moxa NPort W2150A/W2250A Series Firmware

CVE-2024-1220

8.2HIGH

Key Information

Vendor
Moxa
Status
Nport W2150a/w2250a Series
Vendor
CVE Published:
6 March 2024

Summary

A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of service.

Affected Version(s)

NPort W2150A/W2250A Series <= 2.3

Refferences

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
None
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database

Credit

Vladimir Razov from Positive Technologies
.