Moxa · Nport 6100-G2/6200-G2 Series · CVE-2025-2026
**Name of the Vulnerable Software and Affected Versions**
NPort 6100-G2/6200-G2 Series (affected versions not specified)
**Description**
A security issue exists in the NPort 6100-G2/6200-G2 Series that allows remote attackers to execute a null byte injection through the device’s web API. Successful exploitation may cause the device to reboot, resulting in a denial-of-service (DoS) condition. An authenticated remote attacker with web read-only privileges can exploit the vulnerable API to inject malicious input. The API endpoint is susceptible to null byte injection attacks.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.