NPort W2150A/W2250A Series Web Server Stack-based Buffer Overflow Vulnerability
Description
Stack-based buffer overflow in Moxa NPort W2150A/W2250A Series firmware v2.3 and prior allows remote unauthenticated DoS via crafted web request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Stack-based buffer overflow in Moxa NPort W2150A/W2250A Series firmware v2.3 and prior allows remote unauthenticated DoS via crafted web request.
Vulnerability
Stack-based buffer overflow in the built-in web server of Moxa NPort W2150A and W2250A series devices. Affected firmware versions are v2.3 and prior [1].
Exploitation
A remote attacker can exploit this vulnerability by sending a crafted payload to the web service without requiring authentication [1]. The attacker needs network access to the device.
Impact
Successful exploitation results in denial of service (DoS) [1]. The CVSS vector indicates no impact to confidentiality, low impact to integrity, and high impact to availability [1].
Mitigation
Moxa has developed a security patch; users should contact Moxa Technical Support to obtain the update [1]. As a workaround, minimize network exposure of the affected devices [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <=2.3
- Range: 1.0
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
1News mentions
0No linked articles in our index yet.