CVE-2018-10632
CVE-2018-10632
In short
Moxa NPort serial servers don't limit how many resources a attacker can request, allowing them to overwhelm and crash the device. This affects models 5210, 5230, and 5232 up to version 2.9.
Technical detail
Unrestricted resource consumption vulnerability via unauthenticated or low-privileged requests allows remote attackers to exhaust device memory, CPU, or connection pools, causing denial of service. Affected versions 2.9 build 17030709 and earlier lack rate limiting or resource quotas on API or service requests.
Summary generated and translated by AI from the official description.
In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and prior, the amount of resources requested by a malicious actor are not restricted, allowing for a denial-of-service condition.
Affected products
Moxa · NPort 5210, 5230, and 5232Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →