U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:h:moxa:vport_06ec-2v60m-ct-t:-:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 5 matching records.
Displaying matches 1 through 5.
Vuln ID Summary CVSS Severity
CVE-2021-25849

An integer underflow was discovered in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, improper validation of the PortID TLV leads to Denial of Service via a crafted lldp packet.

Published: May 10, 2021; 7:15:07 AM -0400 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0: 7.8 HIGH
CVE-2021-25848

Improper validation of the length field of LLDP-MED TLV in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows information disclosure to attackers due to using fixed loop counter variable without checking the actual available length via a crafted lldp packet.

Published: May 10, 2021; 7:15:07 AM -0400 		V4.0:(not available)
 V3.1: 9.1 CRITICAL
V2.0: 8.5 HIGH
CVE-2021-25847

Improper validation of the length field of LLDP-MED TLV in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows information disclosure to attackers due to controllable loop counter variable via a crafted lldp packet.

Published: May 10, 2021; 7:15:07 AM -0400 		V4.0:(not available)
 V3.1: 9.1 CRITICAL
V2.0: 8.5 HIGH
CVE-2021-25846

Improper validation of the ChassisID TLV in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows attackers to cause a denial of service due to a negative number passed to the memcpy function via a crafted lldp packet.

Published: May 10, 2021; 7:15:07 AM -0400 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0: 7.8 HIGH
CVE-2021-25845

Improper validation of the ChassisID TLV in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows attackers to cause a denial of service due to a NULL pointer dereference via a crafted lldp packet.

Published: May 10, 2021; 7:15:07 AM -0400 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM