PT-2024-02: Stack Buffer Overflow to Remote Code Execution (RCE) in Moxa NPort W2150a/W2250a Vendor: MOXA Inc.Product: NPort W2150a/W2250aVulnerable version: 2.3 and lowerVulnerability type:- CWE-121: Stack-based Buffer OverflowIdentifier (ID):BDU:2024-01811CVE-2024-1220Vulnerability vector:- Base vulnerability score (CVSSv3.1): CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H- Severity (CVSSv3.1): 8.2 (high)- Base vulnerability score (CVSSv4.0): CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N- Severity (CVSSv4.0): 8.8 (high)Description:The vulnerability was identified in Moxa NPort W2150a/W2250a (v.2.3 and lower). It is possible to execute OS commands on the device as a privileged user (root) due to a stack buffer overflow vulnerability. Exploitation of the vulnerability is possible for an unauthorized user by sending payloads to a web server.Vulnerability status: Confirmed by vendorDate of vulnerability detection: 26.10.2023Recommendations: Update to version >2.3.Additional information: Security AdvisoryResearcher: Vladimir Razov (Positive Technologies)