CVE-2021-33824

Vulnerability

The MOXA Mgate MB3180 protocol gateway running firmware version 2.1 Build 18113012 is susceptible to a Slow HTTP Denial-of-Service (DoS) attack. The web server does not properly handle incomplete HTTP requests, allowing an attacker to keep connections open indefinitely by sending partial requests using the slowhttptest tool [2][3]. This leads to resource exhaustion.

Exploitation

An attacker with network access to the device can use the slowhttptest tool to send slow HTTP requests, deliberately keeping the connection open by sending data slowly. The tool simulates Application Layer DoS attacks by prolonging HTTP connections [3]. No authentication is required; the attack is performed remotely over the network.

Impact

Successful exploitation results in the web server becoming unresponsive due to exhaustion of connection resources. The device's web interface becomes inaccessible, causing a denial-of-service condition. No data is compromised, but the management interface is unavailable.

Mitigation

As of the available references, no official patch or firmware update has been released to address this vulnerability. Users should monitor Moxa's security advisory page for updates [1]. In the interim, restricting network access to the device's web interface via firewall rules or placing it behind a VPN may reduce exposure.