216.73.216.6

CVE-2025-2026

· Published 31/12/2025 08:15 · Modified 31/12/2025 20:42

Labels: CVE-2025-2026 2025-12-31CVE-2025-2026CWE-170[email protected]

Essential information

Published
31/12/2025 08:15
Modified
31/12/2025 20:42
Author
Creator
CVSS
7.1 HIGH (v3) 7.1 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

The NPort 6100-G2/6200-G2 Series is affected by a high-severity vulnerability (CVE-2025-2026) that allows remote attackers to execute a null byte injection through the device’s web API. This may lead to an unexpected device reboot and result in a denial-of-service (DoS) condition. An authenticated remote attacker with web read-only privileges can exploit the vulnerable API to inject malicious input. Successful exploitation may cause the device to reboot, disrupting normal operations and causing a temporary denial of service.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
moxa / nport 6100-g2 cpe:2.3:a:moxa:nport_6100-g2:*:*:*:*:*:*:*:*
moxa / nport 6200-g2 cpe:2.3:a:moxa:nport_6200-g2:*:*:*:*:*:*:*:*

References