Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Positive Technologies
Positive Technologiesadded 2025/09/12 12:0 a.m.4 views

PT-2025-37323

Name of the Vulnerable Software and Affected Versions: H3C Magic M Device versions M2V100R006 Description: An issue in H3C Magic M Device M2V100R006 allows a remote attacker to execute arbitrary code by using the default password. Recommendations: Change the default password for H3C Magic M Devic...

8CVSS7.6AI score0.00424EPSS
Exploits0References5
Cvelist
Cvelistadded 2025/04/14 1:31 a.m.28 views

CVE-2025-3546 H3C Magic BE18000 HTTP POST Request getLanguage FCGI_CheckStringIfContainsSemicolon command injection

A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been declared as critical. Affected by this vulnerability is the function FCGICheckStringIfContainsSemicolon of the file /api/wizard/getLanguage of the component HTTP POS...

8.6CVSS0.01912EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2025/03/25 2:0 a.m.9 views

CVE-2025-2725 H3C Magic BE18000 HTTP POST Request auth command injection

A vulnerability classified as critical was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. Affected by this vulnerability is an unknown functionality of the file /api/login/auth of the component HTTP POST Request Handler. The manipulation leads ...

8.6CVSS8.2AI score0.07278EPSS
Exploits0References6
Rows per page
Query Builder