Primary

Context

Moxa NPort 6100-G2/6200-G2 Series Null Byte Injection Vulnerability Leading to Denial-of-Service

Vulnerability

A high-severity null byte injection vulnerability has been identified in the NPort 6100-G2/6200-G2 Series, allowing authenticated remote attackers with web read-only privileges to exploit the device's web API. This exploitation can cause the device to reboot unexpectedly, creating a denial-of-service condition by disrupting normal operations.

Impact

Exploitation of this vulnerability causes the device to reboot, temporarily disrupting normal operations and creating a denial-of-service condition.

Remediation

Users are advised to contact Moxa Technical Support for the security patch (version 1.1.0) to address this vulnerability.

Added: Dec 31, 2025, 8:17 AM

Updated: Dec 31, 2025, 8:17 AM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.9

remediation

7.0

relevance

1.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.9

remediation

7.0

relevance

1.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Moxa NPort 6100-G2/6200-G2 Series Null Byte Injection Vulnerability Leading to Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

Moxa NPort 6100-G2

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating