Vulnerability intelligence

CVE-2026-10829

A stack-based buffer overflow vulnerability has been found in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and earlier. This vulnerability stems from insufficient input validation of user-supplied input in the "Server location" parameter on the Basic settings page. An attacker could exploit this vulnerability by sending crafted input to the web service, resulting in memory corruption. Successful exploitation of this vulnerability could allow remote code execution on the target system with root privileges.

CVSS Score

8.6

High

EPSS — Exploit Probability

0.4%

Riskier than 31% of all CVEs

Exploitation

Not in CISA KEV

No federal exploitation record

Remediation

unknown

Check vendor advisories

NVD entry PoC / advisory

1 article across 1 outlet · first covered Jun 18, 2026 · latest Jun 18, 2026

Coverage timeline

Moxa NPort servers hit by critical root access bug CVE-2026-10829
securityonline.info · Jun 18, 2026