Vulnerability Details CVE-2024-1220
A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.5%
CVSS Severity
CVSS v3 Score 8.2
References
- https://www.moxa.com/en/support/product-support/security-advisory/mpsa-238975-nport-w2150a-w2250a-series-web-server-stack-based-buffer-overflow-vulnerability
- https://www.moxa.com/en/support/product-support/security-advisory/mpsa-238975-nport-w2150a-w2250a-series-web-server-stack-based-buffer-overflow-vulnerability
Products affected by CVE-2024-1220
-
cpe:2.3:h:moxa:nport_w2150a-t:-
-
cpe:2.3:h:moxa:nport_w2150a:-
-
cpe:2.3:h:moxa:nport_w2250a-t:-
-
cpe:2.3:h:moxa:nport_w2250a:-
-
cpe:2.3:o:moxa:nport_w2150a-t_firmware:-
-
cpe:2.3:o:moxa:nport_w2150a-t_firmware:1.10
-
cpe:2.3:o:moxa:nport_w2150a-t_firmware:1.11
-
cpe:2.3:o:moxa:nport_w2150a-t_firmware:2.0
-
cpe:2.3:o:moxa:nport_w2150a-t_firmware:2.1
-
cpe:2.3:o:moxa:nport_w2150a-t_firmware:2.2
-
cpe:2.3:o:moxa:nport_w2150a-t_firmware:2.3
-
cpe:2.3:o:moxa:nport_w2150a_firmware:1.10
-
cpe:2.3:o:moxa:nport_w2150a_firmware:1.11
-
cpe:2.3:o:moxa:nport_w2150a_firmware:2.0
-
cpe:2.3:o:moxa:nport_w2150a_firmware:2.1
-
cpe:2.3:o:moxa:nport_w2150a_firmware:2.3
-
cpe:2.3:o:moxa:nport_w2250a-t_firmware:-
-
cpe:2.3:o:moxa:nport_w2250a-t_firmware:1.10
-
cpe:2.3:o:moxa:nport_w2250a-t_firmware:1.11
-
cpe:2.3:o:moxa:nport_w2250a-t_firmware:2.0
-
cpe:2.3:o:moxa:nport_w2250a-t_firmware:2.1
-
cpe:2.3:o:moxa:nport_w2250a-t_firmware:2.2
-
cpe:2.3:o:moxa:nport_w2250a-t_firmware:2.3
-
cpe:2.3:o:moxa:nport_w2250a_firmware:1.10
-
cpe:2.3:o:moxa:nport_w2250a_firmware:1.11
-
cpe:2.3:o:moxa:nport_w2250a_firmware:2.0
-
cpe:2.3:o:moxa:nport_w2250a_firmware:2.1
-
cpe:2.3:o:moxa:nport_w2250a_firmware:2.3