CVE-2021-33824
Summary
| CVE | CVE-2021-33824 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-06-18 20:15:00 UTC |
| Updated | 2021-06-24 19:01:00 UTC |
| Description | An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service. |
Risk And Classification
Problem Types: CWE-400
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Moxa | Mgate Mb3180 | - | All | All | All |
| Operating System | Moxa | Mgate Mb3180 Firmware | 2.1 | build_18113012 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CVE-POC/CVE-2021-33824.md at master · Jian-Xian/CVE-POC · GitHub | MISC | github.com | |
| GitHub - shekyan/slowhttptest: Application Layer DoS attack simulator | MISC | github.com | |
| MGate MB3180/MB3280/MB3480 Series - Modbus TCP Gateways | MOXA | MISC | www.moxa.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.