CVE-2026-10829

HIGH

Moxa NPort W2150A-W4/W2250A-W4 Series - Stack-based Buffer Overflow

Title source: rule
STIX 2.1

Description

A stack-based buffer overflow vulnerability has been found in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and earlier. This vulnerability stems from insufficient input validation of user-supplied input in the "Server location" parameter on the Basic settings page. An attacker could exploit this vulnerability by sending crafted input to the web service, resulting in memory corruption. Successful exploitation of this vulnerability could allow remote code execution on the target system with root privileges.

Scores

CVSS v4 8.6
EPSS 0.0047
EPSS Percentile 37.6%
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-121
Status published
Products (2)
Moxa/NPort W2150A-W4/W2250A-W4 Series 1.0 - 1.5
Moxa/NPort W2150A/W2250A Series 1.0 - 2.3
Published Jun 16, 2026
Tracked Since Jun 16, 2026