CVE-2025-2026

The NPort 6100-G2/6200-G2 Series is affected by a high-severity vulnerability (CVE-2025-2026) that allows remote attackers to execute a null byte injection through the device’s web API. This may lead to an unexpected device reboot and result in a denial-of-service (DoS) condition. An authenticated remote attacker with web read-only privileges can exploit the vulnerable API to inject malicious input. Successful exploitation may cause the device to reboot, disrupting normal operations and causing a temporary denial of service.

CVSS

No CVSS.

References

Link	Resource
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-251731-cve-2025-1977-cve-2025-2026-multiple-vulnerabilities-in-nport-6100-g2-6200-g2-series

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) La serie NPort 6100-G2/6200-G2 se ve afectada por una vulnerabilidad de alta gravedad (CVE-2025-2026) que permite a atacantes remotos ejecutar una inyección de byte nulo a través de la API web del dispositivo. Esto puede provocar un reinicio inesperado del dispositivo y resultar en una condición de denegación de servicio (DoS). Un atacante remoto autenticado con privilegios de solo lectura web puede explotar la API vulnerable para inyectar entrada maliciosa. La explotación exitosa puede provocar el reinicio del dispositivo, interrumpiendo las operaciones normales y causando una denegación de servicio temporal.

31 Dec 2025, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-12-31 08:15

Updated : 2026-04-15 00:35

NVD link : CVE-2025-2026

Mitre link : CVE-2025-2026

CVE.ORG link : CVE-2025-2026

JSON object : View

Products Affected

No product.

CWE

CWE-170

Improper Null Termination

{"id": "CVE-2025-2026", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "psirt@moxa.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.1, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-12-31T08:15:45.460", "references": [{"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-251731-cve-2025-1977-cve-2025-2026-multiple-vulnerabilities-in-nport-6100-g2-6200-g2-series", "source": "psirt@moxa.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "psirt@moxa.com", "description": [{"lang": "en", "value": "CWE-170"}]}], "descriptions": [{"lang": "en", "value": "The NPort 6100-G2/6200-G2 Series is affected by a high-severity vulnerability (CVE-2025-2026) that allows remote attackers to execute a null byte injection through the device\u2019s web API. This may lead to an unexpected device reboot and result in a denial-of-service (DoS) condition.\n\nAn authenticated remote attacker with web read-only privileges can exploit the vulnerable API to inject malicious input. Successful exploitation may cause the device to reboot, disrupting normal operations and causing a temporary denial of service."}, {"lang": "es", "value": "La serie NPort 6100-G2/6200-G2 se ve afectada por una vulnerabilidad de alta gravedad (CVE-2025-2026) que permite a atacantes remotos ejecutar una inyecci\u00f3n de byte nulo a trav\u00e9s de la API web del dispositivo. Esto puede provocar un reinicio inesperado del dispositivo y resultar en una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\n\nUn atacante remoto autenticado con privilegios de solo lectura web puede explotar la API vulnerable para inyectar entrada maliciosa. La explotaci\u00f3n exitosa puede provocar el reinicio del dispositivo, interrumpiendo las operaciones normales y causando una denegaci\u00f3n de servicio temporal."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "psirt@moxa.com"}