CVE-2018-19659
Description
Authenticated command injection in Moxa NPort W2x50A web server allows root-level OS command execution via crafted POST request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The Moxa NPort W2x50A products running firmware versions before 2.2 Build_18082311 are vulnerable to an authenticated command injection in the web server functionality. The vulnerability exists in the /goform/net_WebPingGetValue endpoint, where a specially crafted HTTP POST request can result in arbitrary OS command execution [1].
Exploitation
An attacker must have valid credentials to access the web interface. Once authenticated, they can send a maliciously crafted POST request to /goform/net_WebPingGetValue with a payload containing OS commands. The server fails to properly sanitize the input, leading to command injection [1].
Impact
Successful exploitation allows the attacker to execute arbitrary OS commands with root privileges. This can lead to full compromise of the device, including data disclosure, modification, and denial of service.
Mitigation
Upgrade to firmware version 2.2 Build_18082311 or later, which contains the fix for this vulnerability. No workarounds are available; restrict access to the web interface to trusted users only.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <2.2 Build_18082311
Patches
No patches discovered yet.
References
- packetstormsecurity.com/files/150535/Moxa-NPort-W2x50A-2.1-OS-Command-Injection.html (mitre, x_refsource_MISC)
- seclists.org/fulldisclosure/2018/Nov/64 (mitre, mailing-list, x_refsource_FULLDISC)