Lucene search
K

16 matches found

NVD
NVD
added 2026/06/16 12:16 p.m.12 views

CVE-2026-10828

A format string vulnerability has been found in the "alias" parameter of the Serial Param configuration page in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and prior. This vulnerability stems from insufficient input validation and improper handling of externally supplied format strings. An...

6.9CVSS0.0031EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 10:18 a.m.28 views

CVE-2026-10829

A stack-based buffer overflow vulnerability has been found in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and earlier. This vulnerability stems from insufficient input validation of user-supplied input in the "Server location" parameter on the Basic settings page. An attacker could exploit...

8.6CVSS0.00472EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/16 10:16 a.m.8 views

CVE-2026-10828

A format string vulnerability has been found in the "alias" parameter of the Serial Param configuration page in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and prior. This vulnerability stems from insufficient input validation and improper handling of externally supplied format strings. An...

6.9CVSS5.3AI score0.0031EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.10 views

PT-2026-49654

Name of the Vulnerable Software and Affected Versions NPort W2150A-W4/W2250A-W4 Series versions prior to 1.5.1 Description A stack-based buffer overflow occurs due to insufficient input validation of user-supplied input in the Server location parameter on the Basic settings page. An authenticated...

8.6CVSS6.6AI score0.00472EPSS
Exploits0References3
OSV
OSV
added 2024/03/06 2:15 a.m.6 views

CVE-2024-1220

A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of...

7.5CVSS6.2AI score0.00661EPSS
Exploits0References1
Prion
Prion
added 2024/03/06 2:15 a.m.18 views

Stack overflow

A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of...

6.4CVSS8.1AI score0.00661EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/06 1:51 a.m.17 views

CVE-2024-1220 NPort W2150A/W2250A Series Web Server Stack-based Buffer Overflow Vulnerability

A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of...

8.2CVSS8.4AI score0.00661EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/06 1:51 a.m.12 views

CVE-2024-1220 NPort W2150A/W2250A Series Web Server Stack-based Buffer Overflow Vulnerability

A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of...

8.2CVSS7.4AI score0.00661EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/03/06 12:0 a.m.3 views

The vulnerability of the web-server microprogramming software for NPort W2150A and W2250A allows a hacker to cause a service failure.

The vulnerability of the microprogrammed software routers NPort W2150A and W2250A lies in the reading of data outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failure by sending a specially crafted web request remotely...

8.5CVSS7.6AI score0.00661EPSS
Exploits0References3Affected Software2
Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.14 views

Moxa NPort W2150A and W2250A Credentials Management (CVE-2017-16727)

A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and NPort W2250A versions prior to 1.11. The default password is empty on the device. An unauthorized user can access the device without a password. An unauthorized user has the ability to completely...

9.1CVSS7.3AI score0.01507EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/11/02 12:0 a.m.7 views

The vulnerability of Microprogrammed Software in Serial Interface Controllers Moxa NPort W2150A/W2250A arises from insufficient data cleaning at the control level, allowing attackers to execute arbitrary code.

The vulnerability of the microprogrammed software of Moxa NPort W2150A/W2250A serial interface converters lies in the lack of data cleaning measures at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.5CVSS5.9AI score
Exploits0References1Affected Software2
CNVD
CNVD
added 2017/12/25 12:0 a.m.2 views

Moxa NPort W2150A and W2250A Unauthorized Access Vulnerability

Moxa NPort W2150A and NPort W2250A are Moxa's serial communication servers for connecting industrial serial devices to a network. An unauthorized access vulnerability exists in the Moxa NPort W2150A prior to version 1.11 and the NPort W2250A prior to version 1.11, which stems from a null default...

9.1CVSS7.1AI score0.01507EPSS
Exploits0References1
OSV
OSV
added 2017/12/22 2:29 a.m.2 views

CVE-2017-16727

A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and NPort W2250A versions prior to 1.11. The default password is empty on the device. An unauthorized user can access the device without a password. An unauthorized user has the ability to completely...

9.1CVSS5.8AI score0.01507EPSS
Exploits0References2
Prion
Prion
added 2017/12/22 2:29 a.m.12 views

Default credentials

A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and NPort W2250A versions prior to 1.11. The default password is empty on the device. An unauthorized user can access the device without a password. An unauthorized user has the ability to completely...

6.4CVSS9AI score0.01507EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2017/12/22 2:0 a.m.53 views

CVE-2017-16727

The CVE-2017-16727 issue affects Moxa NPort W2150A and W2250A devices: versions prior to 1.11 contain a default empty password, allowing an unauthenticated remote user to access the device and potentially fully compromise the confidentiality and integrity of wireless traffic. Impact ranges from u...

9.1CVSS9AI score0.01507EPSS
Exploits0References2Affected Software1
ICS
ICS
added 2017/12/21 12:0 a.m.55 views

ICSA-17-355-01_Moxa NPort W2150A and W2250A

CVSS v3 6.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Moxa Equipment: NPort W2150A and W2250A Vulnerability: Credentials Management AFFECTED PRODUCTS The following versions of NPort, a serial network interface, are affected: NPort W2150A Versions prior to 1.11, and NPort...

9.1CVSS9.5AI score0.01507EPSS
Exploits0References2
Rows per page
Query Builder