CVE-2021-33823

HIGH

MOXA Mgate MB3180 2.1 Build 18113012 - Denial of Service via TCP SYN Flood

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-33823. PoCs published by Jian-Xian.

AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2021-33823, a DoS vulnerability in MOXA Mgate MB3180 devices caused by TCP SYN flooding. It includes screenshots and references to tools like hping3 for demonstration.

Description

An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.

Exploits (1)

github WRITEUP 10 stars
by Jian-Xian · poc
https://github.com/Jian-Xian/CVE-POC/tree/master/CVE-2021-33823.md

This repository provides a detailed technical analysis of CVE-2021-33823, a DoS vulnerability in MOXA Mgate MB3180 devices caused by TCP SYN flooding. It includes screenshots and references to tools like hping3 for demonstration.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: MOXA Mgate MB3180 Version 2.1 Build 18113012
No auth needed
Prerequisites: Network access to the target device · hping3 or similar tool for SYN flooding
devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 7.5
EPSS 0.0152
EPSS Percentile 71.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Status published
Products (1)
moxa/mgate_mb3180_firmware 2.1 build_18113012
Published Jun 18, 2021
Tracked Since Feb 18, 2026