CVE-2024-1220
EUVD-2024-1698706.03.2024, 02:15
A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of service.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| moxa | nport_w2150a_firmware | 𝑥 ≤ 2.3 |
| moxa | nport_w2250a_firmware | 𝑥 ≤ 2.3 |
| moxa | nport_w2150a-t_firmware | 𝑥 ≤ 2.3 |
| moxa | nport_w2250a-t_firmware | 𝑥 ≤ 2.3 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| moxa | nport_w2150a_firmware | 1.0 ≤ 𝑥 ≤ 2.3 | ADP |
Common Weakness Enumeration
- CWE-121 - Stack-based Buffer OverflowA stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
- CWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.
References