CVE-2024-9404 MEDIUM

CVE-2024-9404: Denial-of-Service Vulnerability

Vendor Moxa
Product VPort 07-3 Series
Weakness CWE-1287
Published December 4, 2024
Last update August 27, 2025

CVSS base score

6.9/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

What the vulnerability does

01Description

This vulnerability could lead to denial-of-service or service crashes. Exploitation of the moxa_cmd service, because of insufficient input validation, allows attackers to disrupt operations. If exposed to public networks, the vulnerability poses a significant remote threat, potentially allowing attackers to shut down affected systems.

Key dates

02Disclosure timeline

December 4, 2024 CVE published
August 27, 2025 Record updated