CVE-2026-10829

Vulnerability Description

A stack-based buffer overflow vulnerability has been found in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and earlier. This vulnerability stems from insufficient input validation of user-supplied input in the "Server location" parameter on the Basic settings page. An attacker could exploit this vulnerability by sending crafted input to the web service, resulting in memory corruption. Successful exploitation of this vulnerability could allow remote code execution on the target system with root privileges.

Vulnerability Details

Published Date

June 16, 2026

Last Modified

June 16, 2026

CWE ID

CWE-121

Source

NVD

Vendor

Moxa

Product

NPort W2150A-W4/W2250A-W4 Series, NPort W2150A/W2250A Series

External References

https://www.moxa.com/en/support/product-support/security-advisory/mpsa-261910-cve-2026-10828,-cve-2026-10829-use-of-externally-controlled-format-string-and-stack-based-buffer-overflow-v

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment