HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2021-32970

CVSS 7.5v3.1pub. 2022-04-01upd. 2024-11-21

Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier, which may allow a remote attacker to cause denial-of-service conditions.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Moxa Nport Iaw5150a 12i\/o

    HW
    Moxa
    wszystkie wersje
  • Moxa Nport Iaw5150a 12i\/o Firmware

    OS
    Moxa
    ≤ 2.2
  • Moxa Nport Iaw5150a 6i\/o

    HW
    Moxa
    wszystkie wersje
  • Moxa Nport Iaw5150a 6i\/o Firmware

    OS
    Moxa
    ≤ 2.2
  • Moxa Nport Iaw5250a 12i\/o

    HW
    Moxa
    wszystkie wersje
  • Moxa Nport Iaw5250a 12i\/o Firmware

    OS
    Moxa
    ≤ 2.2
  • Moxa Nport Iaw5250a 6i\/o

    HW
    Moxa
    wszystkie wersje
  • Moxa Nport Iaw5250a 6i\/o Firmware

    OS
    Moxa
    ≤ 2.2
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2021-32974CRITICAL9.8ten sam produkt

Improper input validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or...

CVE-2021-32976CRITICAL9.8ten sam produkt

Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or ear...

CVE-2021-32968HIGH7.5ten sam produkt

Two buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O Series firmware version 2.2 or earl...

CVE-2023-39979CRITICAL9.8ten sam vendor

There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication....

CVE-2023-33236CRITICAL9.8ten sam vendor

MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. This vulnerability has been report...