H3C Magic R200 Buffer Overflow Vulnerability (CNVD-2022-54321)

H3C Magic R200 is a router from China New Huasan H3C.A security vulnerability exists in the H3C Magic R200 R200V200R004L02 version, which stems from the HOST parameter of doping.asp that was found to contain a stack overflow. No details of the vulnerability are currently available...

CVE-2022-34609

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /doping.asp...

CVE-2022-34602

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ipqoslanipeditlist interface at /goform/aspForm...

CVE-2022-34610

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the URL /ihomers/app...

Stack overflow

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm...

Stack overflow

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /dotrace.asp...

Stack overflow

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditvsList parameter at /dotrace.asp...

Stack overflow

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /doping.asp...

Stack overflow

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm...

Stack overflow

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ipqoslanipeditlist interface at /goform/aspForm...

Stack overflow

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm...

CVE-2022-34609

CVE-2022-34609 affects the H3C Magic R200 family (R200V200R004L02) and is a stack overflow in the INTF parameter handling of /doping.asp. The vulnerability allows remote attackers to potentially crash the service or execute arbitrary code in the application context (described as a high-severity, ...

CVE-2022-34608

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ajaxmsg parameter at /AJAX/ajaxget...

CVE-2022-34607

CVE-2022-34607 affects H3C Magic R200 family (R200, R200V200R004L02). The vulnerability is a stack overflow via the HOST parameter in /doping.asp. CVSSv3.1 base score 9.8 (CRITICAL): Network, no authentication, no user interaction; impacts confidentiality, integrity, and availability. No remediat...

CVE-2022-34608

The CVE-2022-34608 entry concerns H3C Magic R200 family devices (e.g., R200/R200V200R004L02) where the AJAX/ajaxget handler processes the ajaxmsg parameter and triggers a stack overflow. Public descriptions from CNVD/CNNVD/Red Hat and NVD note a buffer/stack overflow enabling remote-style issues,...

CVE-2022-34606

CVE-2022-34606 affects H3C Magic R200 R200V200R004L02. A stack overflow in the /dotrace.asp EditvsList parameter is reported, with exploitation described as potentially crashing the service and, in some sources, executing arbitrary code in the application context. Remote attacker access is implie...

CVE-2022-34605

The CVE-2022-34605 entry concerns the H3C Magic R200 family (R200R004L02 firmware, variant R200V200R004L02) with a stack overflow triggered by the HOST parameter in /dotrace.asp. Root cause: improper handling of HOST parameter leads to stack overflow. Impact per sources indicates high severity (f...

CVE-2022-34604

CVE-2022-34604 affects H3C Magic R200 series (R200R004L02) and is caused by a stack overflow in the INTF parameter of dotrace.asp. The issue is documented with a CVSS v3.1 base score of 9.8 (CRITICAL) and a network attack vector with no user interaction required, leading to high impact on confide...

CVE-2022-34602

CVE-2022-34602 affects H3C Magic R200/R200V200R004L02, with a stack overflow in the ipqos_lanip_editlist interface at /goform/aspForm. Connected documents confirm the vulnerable component and root cause (stack overflow) but provide no exploitation status or remediation details. CVSS v3.1 metrics ...

CVE-2022-34601

The provided connected documents identify CVE-2022-34601 as a real stack overflow vulnerability in the H3C Magic R200 family (R200V200R004L02) exposed via the Delstlist interface at /goform/aspForm. Root cause: stack overflow in the Delstlist handling. Impact: high/critical confidentiality, integ...