Resource exhaustion in Moxa Mgate_mb3180

CVE-2021-33824

An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource…

Vulnerability class: DoS (Denial of Service)

EPSS: 0.022 (80.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2021-33824?
CVE-2021-33824 is a high-severity vulnerability in Moxa Mgate_mb3180, classified under Uncontrolled Resource Consumption. CVSS score: 7.5/10. Published 2021-06-18.
How severe is CVE-2021-33824?
High severity. CVSS v3 base score is 7.5 out of 10.
Is CVE-2021-33824 known to be exploited?
1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.