PT-2024-02: Stack Buffer Overflow to Remote Code Execution (RCE) in Moxa NPort W2150a/W2250a

HIGH

(8.8) CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N

THREATSCAPE

Analytics articles

26 December 2024
Trending vulnerability digest November 2024
10 December 2024
Artificial intelligence in cyberattacks
9 December 2024
A look at India through the dark web: what hackers are after

What are the security threats on your network?

Check your traffic-for free

Request pilot

Vendor: MOXA Inc.

Product: NPort W2150a/W2250a

Vulnerable version: 2.3 and lower

Vulnerability type:

- CWE-121: Stack-based Buffer Overflow

Identifier (ID):

BDU:2024-01811

CVE-2024-1220

Vulnerability vector:

- Base vulnerability score (CVSSv3.1): CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

- Severity (CVSSv3.1): 8.2 (high)

- Base vulnerability score (CVSSv4.0): CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N

- Severity (CVSSv4.0): 8.8 (high)

Description:

The vulnerability was identified in Moxa NPort W2150a/W2250a (v.2.3 and lower). It is possible to execute OS commands on the device as a privileged user (root) due to a stack buffer overflow vulnerability. Exploitation of the vulnerability is possible for an unauthorized user by sending payloads to a web server.

Vulnerability status: Confirmed by vendor

Date of vulnerability detection: 26.10.2023

Recommendations: Update to version >2.3.

Additional information: Security Advisory

()

Researcher: Vladimir Razov (Positive Technologies)

Identifier:

CVE-2024-1220

Vendor:

MOXA Inc.

Vulnerable product:

NPort W2150a/W2250a

Get in touch

Fill in the form and our specialists
will contact you shortly

General
questions

We're happy to answer any questions you may have.

Partnership

Join us in making the world a safer place.

Pilot
application

Test drive our solutions with a customized pilot program.