CVE-2019-9099
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A Buffer overflow in the built-in web server allows remote attackers to initiate DoS, and probably to execute arbitrary code (issue 1 of 2).
Se detectó un problema en los dispositivos Moxa MGate MB3170 y MB3270 versiones anteriores a la versión 4.1, MB3280 y MB3480 versiones anteriores a la versión 3.1, MB3660 versiones anteriores a la versión 2.3, y MB3180 versiones anteriores a la versión 2.1. Un desbordamiento de búfer en el servidor web incorporado permite a atacantes remotos iniciar una DoS, y probablemente ejecutar código arbitrario (problema 1 de 2).
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-02-24 CVE Reserved
- 2020-03-11 CVE Published
- 2024-04-20 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://www.us-cert.gov/ics/advisories/icsa-20-056-01 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Moxa Search vendor "Moxa" | Mb3170 Firmware Search vendor "Moxa" for product "Mb3170 Firmware" | <= 4.0 Search vendor "Moxa" for product "Mb3170 Firmware" and version " <= 4.0" | - |
Affected
| in | Moxa Search vendor "Moxa" | Mb3170 Search vendor "Moxa" for product "Mb3170" | - | - |
Safe
|
Moxa Search vendor "Moxa" | Mb3270 Firmware Search vendor "Moxa" for product "Mb3270 Firmware" | <= 4.0 Search vendor "Moxa" for product "Mb3270 Firmware" and version " <= 4.0" | - |
Affected
| in | Moxa Search vendor "Moxa" | Mb3270 Search vendor "Moxa" for product "Mb3270" | - | - |
Safe
|
Moxa Search vendor "Moxa" | Mb3180 Firmware Search vendor "Moxa" for product "Mb3180 Firmware" | <= 2.0 Search vendor "Moxa" for product "Mb3180 Firmware" and version " <= 2.0" | - |
Affected
| in | Moxa Search vendor "Moxa" | Mb3180 Search vendor "Moxa" for product "Mb3180" | - | - |
Safe
|
Moxa Search vendor "Moxa" | Mb3280 Firmware Search vendor "Moxa" for product "Mb3280 Firmware" | <= 3.0 Search vendor "Moxa" for product "Mb3280 Firmware" and version " <= 3.0" | - |
Affected
| in | Moxa Search vendor "Moxa" | Mb3280 Search vendor "Moxa" for product "Mb3280" | - | - |
Safe
|
Moxa Search vendor "Moxa" | Mb3480 Firmware Search vendor "Moxa" for product "Mb3480 Firmware" | <= 3.0 Search vendor "Moxa" for product "Mb3480 Firmware" and version " <= 3.0" | - |
Affected
| in | Moxa Search vendor "Moxa" | Mb3480 Search vendor "Moxa" for product "Mb3480" | - | - |
Safe
|
Moxa Search vendor "Moxa" | Mb3660 Firmware Search vendor "Moxa" for product "Mb3660 Firmware" | <= 2.2 Search vendor "Moxa" for product "Mb3660 Firmware" and version " <= 2.2" | - |
Affected
| in | Moxa Search vendor "Moxa" | Mb3660 Search vendor "Moxa" for product "Mb3660" | - | - |
Safe
|