CVE-2021-33823

Опубликовано: 18 июн. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.

Ссылки

https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33823.md
Exploit
Third Party Advisory
https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/modbus-tcp-gateways/mgate-mb3180-mb3280-mb3480-series
Product
Vendor Advisory
https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33823.md
Exploit
Third Party Advisory
https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/modbus-tcp-gateways/mgate-mb3180-mb3280-mb3480-series
Product
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:moxa:mgate_mb3180_firmware:2.1:build_18113012:*:*:*:*:*:*

cpe:2.3:h:moxa:mgate_mb3180:-:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.0054

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-rwxq-4j33-72w4