CVE-2016-9363

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. Buffer overflow vulnerability may allow an unauthenticated attacker to remotely execute arbitrary code.
References
Link Resource
http://www.securityfocus.com/bid/85965 Third Party Advisory VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-16-336-02 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:moxa:nport_5100_series_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5110:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:moxa:nport_5100_series_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:moxa:nport_5130:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5150:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:moxa:nport_5200_series_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:moxa:nport_5210:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5230:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5232:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5232i:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:moxa:nport_5400_series_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:moxa:nport_5410:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5430:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5430i:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5450:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5450-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5450i:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5450i-t:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:moxa:nport_5600_series_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:moxa:nport_5610:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5630:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5650:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:moxa:nport_5100a_series_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:moxa:nport_5110a:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5130a:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5150a:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:moxa:nport_p5150a_series_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_p5110a:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:moxa:nport_5200a_series_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:moxa:nport_5210a:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5230a:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5250a:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:moxa:nport_5x50a1-m12_series_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:moxa:nport_5150a1-m12:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5150a1-m12-ct:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5150a1-m12-ct-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5150a1-m12-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5250a1-m12:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5250a1-m12-ct:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5250a1-m12-ct-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5250a1-m12-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5450a1-m12:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5450a1-m12-ct:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5450a1-m12-ct-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5450a1-m12-t:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:h:moxa:nport_5600-8-dtl_series_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:moxa:nport_5610-8-dtl:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5650-8-dtl:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_5650i-8-dtl:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:moxa:nport_6100_series_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:moxa:nport_6150:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:nport_6150-t:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-02-13 21:59

Updated : 2024-02-28 15:44


NVD link : CVE-2016-9363

Mitre link : CVE-2016-9363

CVE.ORG link : CVE-2016-9363


JSON object : View

Products Affected

moxa

  • nport_5400_series_firmware
  • nport_5450i-t
  • nport_p5150a_series_firmware
  • nport_5650
  • nport_5130a
  • nport_5230
  • nport_5x50a1-m12_series_firmware
  • nport_5450-t
  • nport_5450a1-m12-ct-t
  • nport_5450a1-m12-t
  • nport_5230a
  • nport_5650-8-dtl
  • nport_5150a
  • nport_5200_series_firmware
  • nport_5210a
  • nport_5200a_series_firmware
  • nport_5150a1-m12
  • nport_5100a_series_firmware
  • nport_5410
  • nport_5130
  • nport_5232i
  • nport_5232
  • nport_5110
  • nport_5250a1-m12-t
  • nport_5450a1-m12
  • nport_5450a1-m12-ct
  • nport_5430
  • nport_5150
  • nport_5250a
  • nport_5110a
  • nport_5150a1-m12-ct
  • nport_5450i
  • nport_5100_series_firmware
  • nport_5250a1-m12
  • nport_5650i-8-dtl
  • nport_5450
  • nport_5150a1-m12-t
  • nport_6100_series_firmware
  • nport_5430i
  • nport_5250a1-m12-ct-t
  • nport_p5110a
  • nport_5210
  • nport_6150
  • nport_6150-t
  • nport_5600_series_firmware
  • nport_5630
  • nport_5610
  • nport_5610-8-dtl
  • nport_5250a1-m12-ct
  • nport_5600-8-dtl_series_firmware
  • nport_5150a1-m12-ct-t
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer