CVE-2026-10829
HIGHMoxa NPort W2150A-W4/W2250A-W4 Series - Stack-based Buffer Overflow
Title source: ruleDescription
A stack-based buffer overflow vulnerability has been found in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and earlier. This vulnerability stems from insufficient input validation of user-supplied input in the "Server location" parameter on the Basic settings page. An attacker could exploit this vulnerability by sending crafted input to the web service, resulting in memory corruption. Successful exploitation of this vulnerability could allow remote code execution on the target system with root privileges.
References (1)
Core 1
Core References
Scores
CVSS v4
8.6
EPSS
0.0047
EPSS Percentile
37.6%
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-121
Status
published
Products (2)
Moxa/NPort W2150A-W4/W2250A-W4 Series
1.0 - 1.5
Moxa/NPort W2150A/W2250A Series
1.0 - 2.3
Published
Jun 16, 2026
Tracked Since
Jun 16, 2026