Lucene search
K

24 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-10853

Malicious code in bioql PyPI...

8.6CVSS8AI score0.01145EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/04/16 12:45 a.m.24 views

CVE-2025-3539

A vulnerability classified as critical has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. Affected is the function FCGICheckStringIfContainsSemicolon of the file /api/wizard/getBasicInfo of the component HTTP POST Request Handler. The...

8.6CVSS7.4AI score0.01167EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/16 12:42 a.m.21 views

CVE-2025-3541

A vulnerability, which was classified as critical, has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 up to V100R014. Affected by this issue is the function FCGIWizardProtoProcess of the file /api/wizard/getSpecs of the component HTTP POST Request Handler. The...

8.6CVSS7.3AI score0.01145EPSS
Exploits0References1
CVE
CVE
added 2025/04/14 1:31 a.m.83 views

CVE-2025-3546

The CVE-2025-3546 entry concerns H3C Magic NX15, NX30 Pro, NX400, R3010, and BE18000 up to V100R014. Affects the function FCGI_CheckStringIfContainsSemicolon in the HTTP POST Request Handler’s /api/wizard/getLanguage. Root cause is command injection via this function, with exploitation feasible o...

8.6CVSS8.2AI score0.01719EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2025/04/14 1:0 a.m.25 views

CVE-2025-3545 H3C Magic BE18000 HTTP POST Request setLanguage FCGI_CheckStringIfContainsSemicolon command injection

A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been classified as critical. Affected is the function FCGICheckStringIfContainsSemicolon of the file /api/wizard/setLanguage of the component HTTP POST Request Handler. T...

8.6CVSS0.01167EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/04/14 1:0 a.m.8 views

CVE-2025-3545 H3C Magic BE18000 HTTP POST Request setLanguage FCGI_CheckStringIfContainsSemicolon command injection

A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been classified as critical. Affected is the function FCGICheckStringIfContainsSemicolon of the file /api/wizard/setLanguage of the component HTTP POST Request Handler. T...

8.6CVSS7.3AI score0.01167EPSS
Exploits0References6
CVE
CVE
added 2025/04/14 1:0 a.m.80 views

CVE-2025-3545

The CVE-2025-3545 vulnerability affects H3C Magic NX15, NX30 Pro, NX400, R3010 and BE18000 up to V100R014. The flaw is in FCGI_CheckStringIfContainsSemicolon within the /api/wizard/setLanguage HTTP POST Request Handler, enabling command injection from within the local network. Multiple sources co...

8.6CVSS8.2AI score0.01167EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/04/14 12:31 a.m.9 views

CVE-2025-3544 H3C Magic BE18000 HTTP POST Request getCapabilityWeb FCGI_CheckStringIfContainsSemicolon command injection

A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014 and classified as critical. This issue affects the function FCGICheckStringIfContainsSemicolon of the file /api/wizard/getCapabilityWeb of the component HTTP POST Request Handler...

8.6CVSS7.4AI score0.01167EPSS
Exploits0References6
CVE
CVE
added 2025/04/14 12:31 a.m.74 views

CVE-2025-3544

The CVE-2025-3544 vulnerability affects H3C Magic NX15, NX30 Pro, NX400, R3010, and BE18000 devices up to version V100R014. It targets the FCGI_CheckStringIfContainsSemicolon function in the HTTP POST Request Handler, specifically in /api/wizard/getCapabilityWeb, enabling command injection. An at...

8.6CVSS8.2AI score0.01167EPSS
Exploits0References6
NVD
NVD
added 2025/04/14 12:15 a.m.19 views

CVE-2025-3542

A vulnerability, which was classified as critical, was found in H3C Magic NX15, Magic NX400 and Magic R3010 up to V100R014. This affects the function FCGIWizardProtoProcess of the file /api/wizard/getsyncpppoecfg of the component HTTP POST Request Handler. The manipulation leads to command...

8.6CVSS0.01167EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/04/13 11:31 p.m.26 views

CVE-2025-3542 H3C Magic NX15/Magic NX400/Magic R3010 HTTP POST Request getsyncpppoecfg FCGI_WizardProtoProcess command injection

A vulnerability, which was classified as critical, was found in H3C Magic NX15, Magic NX400 and Magic R3010 up to V100R014. This affects the function FCGIWizardProtoProcess of the file /api/wizard/getsyncpppoecfg of the component HTTP POST Request Handler. The manipulation leads to command...

8.6CVSS0.01167EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/04/13 11:0 p.m.9 views

CVE-2025-3541 H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request getSpecs FCGI_WizardProtoProcess command injection

A vulnerability, which was classified as critical, has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 up to V100R014. Affected by this issue is the function FCGIWizardProtoProcess of the file /api/wizard/getSpecs of the component HTTP POST Request Handler. The...

8.6CVSS7.3AI score0.01145EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/04/13 10:0 p.m.9 views

CVE-2025-3539 H3C Magic BE18000 HTTP POST Request getBasicInfo FCGI_CheckStringIfContainsSemicolon command injection

A vulnerability classified as critical has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. Affected is the function FCGICheckStringIfContainsSemicolon of the file /api/wizard/getBasicInfo of the component HTTP POST Request Handler. The...

8.6CVSS8.2AI score0.01167EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/04/13 12:0 a.m.12 views

PT-2025-16189 · H3C · H3C Magic Be18000 +4

Name of the Vulnerable Software and Affected Versions: H3C Magic NX15 versions up to V100R014 H3C Magic NX30 Pro versions up to V100R014 H3C Magic NX400 versions up to V100R014 H3C Magic R3010 versions up to V100R014 H3C Magic BE18000 versions up to V100R014 Description: A critical vulnerability...

8.6CVSS8AI score0.01167EPSS
Exploits0References17
RedhatCVE
RedhatCVE
added 2025/03/27 3:25 a.m.7 views

CVE-2025-2729

A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014 and classified as critical. This issue affects some unknown processing of the file /api/wizard/networkSetup of the component HTTP POST Request Handler. The manipulation leads to...

8.6CVSS8.1AI score0.01074EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/25 4:0 a.m.21 views

CVE-2025-2732 H3C Magic BE18000 HTTP POST Request getWifiNeighbour command injection

A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/wizard/getWifiNeighbour of the component HTTP POST Request Handler. The...

8.6CVSS0.01097EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/03/25 4:0 a.m.11 views

CVE-2025-2732 H3C Magic BE18000 HTTP POST Request getWifiNeighbour command injection

A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/wizard/getWifiNeighbour of the component HTTP POST Request Handler. The...

8.6CVSS8.1AI score0.01097EPSS
Exploits0References6
CVE
CVE
added 2025/03/25 3:31 a.m.93 views

CVE-2025-2731

The CVE-2025-2731 vulnerability affects H3C Magic NX15, NX30 Pro, NX400, R3010, and BE18000 up to V100R014. It resides in the HTTP POST Request Handler function at /api/wizard/getDualbandSync, where an input manipulation enables command injection. Impact is local-network only, with high severity ...

8.6CVSS8.2AI score0.01074EPSS
Exploits0References6
NVD
NVD
added 2025/03/25 3:15 a.m.13 views

CVE-2025-2730

A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been classified as critical. Affected is an unknown function of the file /api/wizard/getssidname of the component HTTP POST Request Handler. The manipulation leads to...

8.6CVSS0.01074EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/03/25 3:0 a.m.11 views

CVE-2025-2730 H3C Magic BE18000 HTTP POST Request getssidname command injection

A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been classified as critical. Affected is an unknown function of the file /api/wizard/getssidname of the component HTTP POST Request Handler. The manipulation leads to...

8.6CVSS8.2AI score0.01074EPSS
Exploits0References6
Rows per page
Query Builder