16 matches found
CVE-2026-10828
A format string vulnerability has been found in the "alias" parameter of the Serial Param configuration page in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and prior. This vulnerability stems from insufficient input validation and improper handling of externally supplied format strings. An...
CVE-2026-10829
A stack-based buffer overflow vulnerability has been found in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and earlier. This vulnerability stems from insufficient input validation of user-supplied input in the "Server location" parameter on the Basic settings page. An attacker could exploit...
CVE-2026-10828
A format string vulnerability has been found in the "alias" parameter of the Serial Param configuration page in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and prior. This vulnerability stems from insufficient input validation and improper handling of externally supplied format strings. An...
PT-2026-49654
Name of the Vulnerable Software and Affected Versions NPort W2150A-W4/W2250A-W4 Series versions prior to 1.5.1 Description A stack-based buffer overflow occurs due to insufficient input validation of user-supplied input in the Server location parameter on the Basic settings page. An authenticated...
CVE-2024-1220
A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of...
Stack overflow
A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of...
CVE-2024-1220 NPort W2150A/W2250A Series Web Server Stack-based Buffer Overflow Vulnerability
A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of...
CVE-2024-1220 NPort W2150A/W2250A Series Web Server Stack-based Buffer Overflow Vulnerability
A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of...
The vulnerability of the web-server microprogramming software for NPort W2150A and W2250A allows a hacker to cause a service failure.
The vulnerability of the microprogrammed software routers NPort W2150A and W2250A lies in the reading of data outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failure by sending a specially crafted web request remotely...
Moxa NPort W2150A and W2250A Credentials Management (CVE-2017-16727)
A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and NPort W2250A versions prior to 1.11. The default password is empty on the device. An unauthorized user can access the device without a password. An unauthorized user has the ability to completely...
The vulnerability of Microprogrammed Software in Serial Interface Controllers Moxa NPort W2150A/W2250A arises from insufficient data cleaning at the control level, allowing attackers to execute arbitrary code.
The vulnerability of the microprogrammed software of Moxa NPort W2150A/W2250A serial interface converters lies in the lack of data cleaning measures at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Moxa NPort W2150A and W2250A Unauthorized Access Vulnerability
Moxa NPort W2150A and NPort W2250A are Moxa's serial communication servers for connecting industrial serial devices to a network. An unauthorized access vulnerability exists in the Moxa NPort W2150A prior to version 1.11 and the NPort W2250A prior to version 1.11, which stems from a null default...
CVE-2017-16727
A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and NPort W2250A versions prior to 1.11. The default password is empty on the device. An unauthorized user can access the device without a password. An unauthorized user has the ability to completely...
Default credentials
A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and NPort W2250A versions prior to 1.11. The default password is empty on the device. An unauthorized user can access the device without a password. An unauthorized user has the ability to completely...
CVE-2017-16727
The CVE-2017-16727 issue affects Moxa NPort W2150A and W2250A devices: versions prior to 1.11 contain a default empty password, allowing an unauthenticated remote user to access the device and potentially fully compromise the confidentiality and integrity of wireless traffic. Impact ranges from u...
ICSA-17-355-01_Moxa NPort W2150A and W2250A
CVSS v3 6.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Moxa Equipment: NPort W2150A and W2250A Vulnerability: Credentials Management AFFECTED PRODUCTS The following versions of NPort, a serial network interface, are affected: NPort W2150A Versions prior to 1.11, and NPort...