8.2
CVE-2024-1220
- EPSS 1.25%
- Veröffentlicht 06.03.2024 02:15:44
- Zuletzt bearbeitet 25.02.2025 17:42:20
- Quelle psirt@moxa.com
- CVE-Watchlists
- Unerledigt
LoginA stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Moxa ≫ Nport W2150a Firmware Version <= 2.3
Moxa ≫ Nport W2250a Firmware Version <= 2.3
Moxa ≫ Nport W2150a-t Firmware Version <= 2.3
Moxa ≫ Nport W2250a-t Firmware Version <= 2.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.25% | 0.787 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| psirt@moxa.com | 8.2 | 3.9 | 4.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
|
CWE-121 Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.