CVE-2026-10829
Awaiting Analysis Awaiting Analysis - Queue

Stack-Based Buffer Overflow in Moxa NPort W2150A-W4/W2250A-W4

Vulnerability report for CVE-2026-10829, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-16

Last updated on: 2026-06-16

Assigner: Moxa Inc.

Description

A stack-based buffer overflow vulnerability has been found in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and earlier. This vulnerability stems from insufficient input validation of user-supplied input in the "Server location" parameter on the Basic settings page. An attacker could exploit this vulnerability by sending crafted input to the web service, resulting in memory corruption. Successful exploitation of this vulnerability could allow remote code execution on the target system with root privileges.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-16
Last Modified
2026-06-16
Generated
2026-07-06
AI Q&A
2026-06-16
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
moxa nport_w2150a-w4 to 1.5 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a stack-based buffer overflow found in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and earlier. It occurs due to insufficient input validation of user-supplied input in the "Server location" parameter on the Basic settings page. An attacker can exploit this by sending specially crafted input to the web service, which causes memory corruption.

If successfully exploited, this vulnerability could allow the attacker to execute arbitrary code remotely on the target system with root privileges.

Impact Analysis

Exploitation of this vulnerability can lead to remote code execution with root privileges on the affected device. This means an attacker could gain full control over the system, potentially leading to unauthorized access, data theft, system manipulation, or disruption of services.

Compliance Impact

The vulnerability allows remote code execution with root privileges due to a stack-based buffer overflow in the "Server location" parameter. This could lead to unauthorized access, data breaches, or system compromise.

Such security risks can impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and secure system operation to prevent unauthorized access and data leakage.

Mitigations recommended include applying firmware updates, restricting network access, enhancing authentication and access control, securing remote access, and maintaining logging and monitoring, all of which support compliance efforts.

Detection Guidance

Detection of this vulnerability involves monitoring for anomalous or crafted input sent to the web service, specifically targeting the "Server location" parameter on the Basic settings page of the NPort W2150A-W4/W2250A-W4 Series devices.

While no specific commands are provided in the resources, general detection methods include:

  • Monitoring web service logs for unusual or malformed requests targeting the "Server location" parameter.
  • Using network traffic analysis tools (e.g., Wireshark, tcpdump) to capture and inspect HTTP requests to the device's web interface.
  • Implementing anomaly detection systems to flag unexpected input patterns or attempts to exploit buffer overflow vulnerabilities.
Mitigation Strategies

Immediate mitigation steps for this vulnerability include:

  • Apply the security patch by updating the firmware to version 1.5.1 or later for the NPort W2150A-W4/W2250A-W4 Series devices.
  • If firmware update is not possible, restrict network access to the affected devices to minimize exposure.
  • Enhance authentication and access control mechanisms to prevent unauthorized access.
  • Secure remote access to the devices.
  • Implement anomaly detection and maintain logging and monitoring to detect potential exploitation attempts.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-10829. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart