← volver
CVE-2026-10825

Improper JSON Input Validation in WebSocket API Leads to Denial of Service

CVSS 7.1 HIGHEPSS 0.2%CWE-1287
A denial-of-service vulnerability exists in the WebSocket API due to insufficient validation and handling of JSON-based requests. A low-privileged authenticated attacker can send a specially crafted request that causes service disruption and may result in an unexpected device reboot.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Productos afectados
Moxa · NPort 6000-G2 Series

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-268270-cve-2026-10825-improper-validation-of-input-vulnerability-in-serial-device-servers