2065 matches found
CVE-2025-14196
A weakness has been identified in H3C Magic B1 up to 100R004. The affected element is the function sub44de0 of the file /goform/aspForm. This manipulation of the argument param causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public...
CVE-2025-14196 H3C Magic B1 aspForm sub_44de0 buffer overflow
A weakness has been identified in H3C Magic B1 up to 100R004. The affected element is the function sub44de0 of the file /goform/aspForm. This manipulation of the argument param causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public...
CVE-2025-14196
CVE-2025-14196 affects H3C Magic B1 (versions up to 100R004). The vulnerability is a buffer overflow in the function sub_44de0 of /goform/aspForm caused by manipulation of the param argument, enabling remote exploitation. Publicly available exploit increases risk, and vendors were notified with n...
PT-2025-49409
Name of the Vulnerable Software and Affected Versions H3C Magic B1 versions up to 100R004 Description A flaw exists in H3C Magic B1 up to version 100R004. The issue involves a buffer overflow in the sub 44de0 function within the /goform/aspForm file. Manipulation of the param argument can trigger...
H3C Magic B1 安全漏洞
H3C Magic B1 is a wireless router from China's Xinhua San H3C. A security vulnerability exists in the H3C Magic B1 100R004 and prior versions, which stems from incorrect manipulation of the parameter param in the file /goform/aspForm, which could result in a buffer overflow...
CVE-2025-14015
A weakness has been identified in H3C Magic B0 up to 100R002. This impacts the function EditWlanMacList of the file /goform/aspForm. This manipulation of the argument param causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and...
EUVD-2025-201257
A weakness has been identified in H3C Magic B0 up to 100R002. This impacts the function EditWlanMacList of the file /goform/aspForm. This manipulation of the argument param causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and...
CVE-2025-14015
A weakness has been identified in H3C Magic B0 up to 100R002. This impacts the function EditWlanMacList of the file /goform/aspForm. This manipulation of the argument param causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and...
CVE-2025-14015
A weakness has been identified in H3C Magic B0 up to 100R002. This impacts the function EditWlanMacList of the file /goform/aspForm. This manipulation of the argument param causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and...
CVE-2025-14015 H3C Magic B0 aspForm EditWlanMacList buffer overflow
A weakness has been identified in H3C Magic B0 up to 100R002. This impacts the function EditWlanMacList of the file /goform/aspForm. This manipulation of the argument param causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and...
CVE-2025-14015 H3C Magic B0 aspForm EditWlanMacList buffer overflow
A weakness has been identified in H3C Magic B0 up to 100R002. This impacts the function EditWlanMacList of the file /goform/aspForm. This manipulation of the argument param causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and...
PT-2025-49113
Name of the Vulnerable Software and Affected Versions H3C Magic B0 versions up to 100R002 Description A weakness exists in H3C Magic B0 up to version 100R002. The issue involves the EditWlanMacList function within the /goform/aspForm file. Manipulation of the param argument can lead to a buffer...
H3C Magic B0 安全漏洞
The H3C Magic B0 is a small wireless router from China's Xinhua San H3C. A security vulnerability exists in the H3C Magic B0 100R002 and prior versions, which stems from incorrect manipulation of the parameter param in the file /goform/aspForm, which could result in a buffer overflow...
CVE-2025-63258
A remote command execution RCE vulnerability was discovered in all H3C ERG3/ERG5 series routers and XiaoBei series routers, cloud gateways, and wireless access points versions R0162P07, UAP700-WPT330-E2265, UAP672-WPT330-R2262, UAP662E-WPT330-R2262P03, WAP611-WPT330-R1348-OASIS,...
CVE-2025-63258
A remote command execution RCE vulnerability was discovered in all H3C ERG3/ERG5 series routers and XiaoBei series routers, cloud gateways, and wireless access points versions R0162P07, UAP700-WPT330-E2265, UAP672-WPT330-R2262, UAP662E-WPT330-R2262P03, WAP611-WPT330-R1348-OASIS,...
CVE-2025-63258
CVE-2025-63258 is a remote command execution (RCE) affecting H3C ERG3/ERG5 routers, XiaoBei routers, cloud gateways, and associated wireless access points. The root cause is a command injection in the sessionid parameter that can lead to arbitrary code execution. Affected products/versions includ...
PT-2025-47366
Name of the Vulnerable Software and Affected Versions H3C ERG3/ERG5 series routers H3C XiaoBei series routers H3C cloud gateways H3C wireless access points versions R0162P07 H3C wireless access points version UAP700-WPT330-E2265 H3C wireless access points version UAP672-WPT330-R2262 H3C wireless...
CVE-2025-63258
A remote command execution RCE vulnerability was discovered in all H3C ERG3/ERG5 series routers and XiaoBei series routers, cloud gateways, and wireless access points versions R0162P07, UAP700-WPT330-E2265, UAP672-WPT330-R2262, UAP662E-WPT330-R2262P03, WAP611-WPT330-R1348-OASIS,...
CVE-2025-63258
A remote command execution RCE vulnerability was discovered in all H3C ERG3/ERG5 series routers and XiaoBei series routers, cloud gateways, and wireless access points versions R0162P07, UAP700-WPT330-E2265, UAP672-WPT330-R2262, UAP662E-WPT330-R2262P03, WAP611-WPT330-R1348-OASIS,...
CVE-2025-61330
CVE-2025-61330 affects H3C Magic-branded devices. The root cause is a hard-coded weak password (or no password) for the root account in /etc/shadow, with Telnet enabled by default or user-enabled, and Virtual Servers exposing devices to the public network. This enables remote attacker access to r...