Lucene search

[email protected]CVE-2023-33640

HistoryMay 31, 2023 - 9:15 p.m.

CVE-2023-33640

2023-05-3121:15:10

CWE-787

[email protected]

web.nvd.nist.gov

h3c

magic r300

cve-2023-33640

vulnerability

stack overflow

nvd

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

40.3%

JSON

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the SetAPWifiorLedInfoById interface at /goform/aspForm.

Affected configurations

NVD

Node

h3cmagic_r300-2100m_firmwareMatchr300-2100mv100r004

AND

h3cmagic_r300-2100mMatch-

CPENameOperatorVersion
h3c:magic_r300-2100m_firmwareh3c magic r300-2100m firmwareeqr300-2100mv100r004

CPE	Name	Operator	Version
h3c:magic_r300-2100m_firmware	h3c magic r300-2100m firmware	eq	r300-2100mv100r004

References

hackmd.io/%400dayResearch/S1twOtyrh

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

40.3%

JSON

Related for CVE-2023-33640

nvd1 cnvd1 cvelist1 prion1