Name of the Vulnerable Software and Affected Versions Moxa MGate versions MB3170, MB3180, MB3270, MB3280, MB3480, MB3660

Description The issue is related to a buffer overflow in the stack when handling input data in the SysChallenge parameter. This can be exploited by a remote attacker to execute arbitrary code or cause a denial of service using a specially crafted packet.

Recommendations For Moxa MGate versions MB3170, MB3180, MB3270, MB3280, MB3480, MB3660, consider restricting access to the vulnerable SysChallenge parameter until a patch is available. As a temporary workaround, avoid using the SysChallenge parameter in the affected API endpoint until the issue is resolved.