15 matches found
CVE-2024-38903
H3C Magic R230 V100R002's udpserver opens port 9034, allowing attackers to execute arbitrary commands...
CVE-2024-38903
H3C Magic R230 V100R002's udpserver opens port 9034, allowing attackers to execute arbitrary commands...
H3C Magic R230 Security Vulnerability
H3C Magic R230 is a wireless router from China's Xinhua San H3C. A security vulnerability exists in the H3C Magic R230 V100R002 version, which originates from the udpserver opening port 9034 allowing an attacker to execute arbitrary commands...
CVE-2024-38903
H3C Magic R230 V100R002's udpserver opens port 9034, allowing attackers to execute arbitrary commands...
CVE-2024-38903
H3C Magic R230 V100R002's udpserver opens port 9034, allowing attackers to execute arbitrary commands...
CVE-2024-38903
The CVE-2024-38903 entry concerns H3C Magic R230 V100R002, where the udpserver listens on TCP/UDP port 9034 and allows execution of arbitrary commands due to the server’s behavior. Affected product/version is H3C Magic R230 with V100R002. The public docs consistently describe the vulnerability as...
CVE-2022-34598
The udpserver in H3C Magic R100 V200R004 and V100R005 has the 9034 port opened, allowing attackers to execute arbitrary commands...
CVE-2022-34598
The udpserver in H3C Magic R100 V200R004 and V100R005 has the 9034 port opened, allowing attackers to execute arbitrary commands...
CVE-2022-34598
The CVE-2022-34598 vulnerability affects H3C Magic R100 devices (V200R004 and V100R005) where the udpserver exposes port 9034. This misconfiguration enables attackers to execute arbitrary commands. Connected sources confirm the affected models and port, stating the issue originates from the udpse...
CVE-2022-34598
The udpserver in H3C Magic R100 V200R004 and V100R005 has the 9034 port opened, allowing attackers to execute arbitrary commands...
Command injection
Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be exploited by remote...
CVE-2021-35394
Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be exploited by remote...
CVE-2021-35394
Realtek Jungle SDK vulnerable versions are 2.x up to 3.4.14B. The CVE-2021-35394 issue involves the UDPServer/MP Daemon (management interface) suffering multiple memory corruption flaws and an arbitrary command injection, enabling remote unauthenticated code execution. Related connected documents...
CVE-2021-35394
Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be exploited by remote...
PT-2021-3802
Name of the Vulnerable Software and Affected Versions Realtek Jungle SDK versions v2.x through v3.4.14B Description The Realtek Jungle SDK provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. This binary is affected by multiple memory corruption...