QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-2026

Back to search

CVE-2025-2026

Published: Dec 31, 2025

Modified: Dec 31, 2025

PUBLISHED

Description

The NPort 6100-G2/6200-G2 Series is affected by a high-severity vulnerability (CVE-2025-2026) that allows remote attackers to execute a null byte injection through the device’s web API. This may lead to an unexpected device reboot and result in a denial-of-service (DoS) condition. An authenticated remote attacker with web read-only privileges can exploit the vulnerable API to inject malicious input. Successful exploitation may cause the device to reboot, disrupting normal operations and causing a temporary denial of service.

VendorProductVersions

Moxa

NPort 6100-G2/6200-G2 Series

affected
1.0.0
unaffected
1.1.0

Weaknesses (CWE)

CWE-170

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now