Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-33638

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-31 May, 2023 | 00:00
Updated At-10 Jan, 2025 | 15:08
Rejected At-
Credits

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the Edit_BasicSSID_5G interface at /goform/aspForm.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:31 May, 2023 | 00:00
Updated At:10 Jan, 2025 | 15:08
Rejected At:
▼CVE Numbering Authority (CNA)

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the Edit_BasicSSID_5G interface at /goform/aspForm.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://hackmd.io/%400dayResearch/ryyALdiV3
N/A
Hyperlink: https://hackmd.io/%400dayResearch/ryyALdiV3
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://hackmd.io/%400dayResearch/ryyALdiV3
x_transferred
Hyperlink: https://hackmd.io/%400dayResearch/ryyALdiV3
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-787CWE-787 Out-of-bounds Write
Type: CWE
CWE ID: CWE-787
Description: CWE-787 Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:31 May, 2023 | 21:15
Updated At:10 Jan, 2025 | 15:15

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the Edit_BasicSSID_5G interface at /goform/aspForm.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Secondary3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CPE Matches
New H3C Technologies Co., Ltd.
h3c
>>magic_r300-2100m_firmware>>r300-2100mv100r004
cpe:2.3:o:h3c:magic_r300-2100m_firmware:r300-2100mv100r004:*:*:*:*:*:*:*
New H3C Technologies Co., Ltd.
h3c
>>magic_r300-2100m>>-
cpe:2.3:h:h3c:magic_r300-2100m:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE-787Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-787
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://hackmd.io/%400dayResearch/ryyALdiV3cve@mitre.org
N/A
https://hackmd.io/%400dayResearch/ryyALdiV3af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://hackmd.io/%400dayResearch/ryyALdiV3
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://hackmd.io/%400dayResearch/ryyALdiV3
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

382Records found
CVE-2023-33637
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 25.27%
||
7 Day CHG~0.00%
Published-31 May, 2023 | 00:00
Updated-10 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r300-2100mmagic_r300-2100m_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33633
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 25.27%
||
7 Day CHG~0.00%
Published-31 May, 2023 | 00:00
Updated-10 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the UpdateWanParams interface at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r300-2100mmagic_r300-2100m_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33635
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 25.27%
||
7 Day CHG~0.00%
Published-31 May, 2023 | 00:00
Updated-10 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the UpdateMacClone interface at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r300-2100mmagic_r300-2100m_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33630
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 25.27%
||
7 Day CHG~0.00%
Published-31 May, 2023 | 00:00
Updated-16 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the EditvsList interface at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r300-2100m_firmwaremagic_r300-2100mn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33634
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 25.27%
||
7 Day CHG~0.00%
Published-31 May, 2023 | 00:00
Updated-10 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r300-2100mmagic_r300-2100m_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33629
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-86.09% / 99.35%
||
7 Day CHG~0.00%
Published-31 May, 2023 | 00:00
Updated-10 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r300-2100mmagic_r300-2100m_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33640
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 25.27%
||
7 Day CHG~0.00%
Published-31 May, 2023 | 00:00
Updated-10 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the SetAPWifiorLedInfoById interface at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r300-2100mmagic_r300-2100m_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33628
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 25.27%
||
7 Day CHG~0.00%
Published-31 May, 2023 | 00:00
Updated-10 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DelvsList interface at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r300-2100mmagic_r300-2100m_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33632
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 25.27%
||
7 Day CHG~0.00%
Published-31 May, 2023 | 00:00
Updated-10 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the ipqos_lanip_dellist interface at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r300-2100mmagic_r300-2100m_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33642
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.09% / 26.75%
||
7 Day CHG~0.00%
Published-31 May, 2023 | 00:00
Updated-10 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the Edit_BasicSSID interface at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r300-2100mmagic_r300-2100m_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33631
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 25.27%
||
7 Day CHG~0.00%
Published-31 May, 2023 | 00:00
Updated-10 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DelSTList interface at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r300-2100mmagic_r300-2100m_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33641
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 25.27%
||
7 Day CHG~0.00%
Published-31 May, 2023 | 00:00
Updated-10 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the AddMacList interface at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r300-2100mmagic_r300-2100m_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33627
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 25.27%
||
7 Day CHG~0.00%
Published-31 May, 2023 | 00:00
Updated-10 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the UpdateSnat interface at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r300-2100mmagic_r300-2100m_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33643
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.09% / 26.75%
||
7 Day CHG~0.00%
Published-31 May, 2023 | 00:00
Updated-10 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the AddWlanMacList interface at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r300-2100mmagic_r300-2100m_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33639
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 25.27%
||
7 Day CHG~0.00%
Published-31 May, 2023 | 00:00
Updated-10 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the SetMobileAPInfoById interface at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r300-2100mmagic_r300-2100m_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33636
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 25.27%
||
7 Day CHG~0.00%
Published-31 May, 2023 | 00:00
Updated-10 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r300-2100mmagic_r300-2100m_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-27802
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 18.23%
||
7 Day CHG~0.00%
Published-07 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditvsList parameter at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-27806
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 18.23%
||
7 Day CHG~0.00%
Published-07 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_dellist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34936
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.10% / 28.06%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-27 Nov, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack overflow in the UpdateMacClone function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_b1stmagic_b1st_firmwaren/amagic
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34924
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.79%
||
7 Day CHG~0.00%
Published-26 Jun, 2023 | 00:00
Updated-03 Dec, 2024 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic B1STW B1STV100R012 was discovered to contain a stack overflow via the function SetAPInfoById. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_b1stwmagic_b1stw_firmwaren/amagic_b1stw
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-29915
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 18.23%
||
7 Day CHG~0.00%
Published-21 Apr, 2023 | 00:00
Updated-05 Feb, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via CMD parameter at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r200_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-27803
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 18.23%
||
7 Day CHG~0.00%
Published-07 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-27807
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 18.23%
||
7 Day CHG~0.00%
Published-07 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-27804
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 18.23%
||
7 Day CHG~0.00%
Published-07 Apr, 2023 | 00:00
Updated-11 Feb, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DelvsList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-27805
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 18.23%
||
7 Day CHG~0.00%
Published-07 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-27810
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 18.23%
||
7 Day CHG~0.00%
Published-07 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-27808
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 18.23%
||
7 Day CHG~0.00%
Published-07 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37092
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG+0.24%
Published-25 Aug, 2022 | 14:04
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-h200_firmwareh200n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-27801
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 18.23%
||
7 Day CHG~0.00%
Published-07 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-30910
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 58.98%
||
7 Day CHG~0.00%
Published-08 Jun, 2022 | 13:23
Updated-03 Aug, 2024 | 07:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the GO parameter at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r100magic_r100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37094
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG-0.06%
Published-25 Aug, 2022 | 14:04
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function Edit_BasicSSID_5G.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-h200_firmwareh200n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37087
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG+0.24%
Published-25 Aug, 2022 | 14:03
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function SetMobileAPInfoById.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-h200_firmwareh200n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36516
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG-0.06%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function ap_version_check.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-gr-1200w_firmwaregr-1200wn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36468
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.90%
||
7 Day CHG-0.07%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36514
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG-0.06%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function WanModeSetMultiWan.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-gr-1200w_firmwaregr-1200wn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36475
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.90%
||
7 Day CHG-0.07%
Published-25 Aug, 2022 | 13:54
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function AddMacList.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-34602
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG~0.00%
Published-20 Jul, 2022 | 13:41
Updated-03 Aug, 2024 | 09:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r200_firmwaremagic_r200n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34930
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.08% / 25.14%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-27 Nov, 2024 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack overflow in the EditMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_b1stmagic_b1st_firmwaren/amagic
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-29696
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.76%
||
7 Day CHG~0.00%
Published-08 May, 2023 | 00:00
Updated-29 Jan, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function version_set.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-gr-1200wgr-1200w_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-30925
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 58.98%
||
7 Day CHG~0.00%
Published-08 Jun, 2022 | 13:24
Updated-03 Aug, 2024 | 07:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the AddMacList parameter at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r100magic_r100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-30915
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 58.98%
||
7 Day CHG~0.00%
Published-08 Jun, 2022 | 13:23
Updated-03 Aug, 2024 | 07:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateSnat parameter at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r100magic_r100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36499
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.66%
||
7 Day CHG+0.01%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function DEleteusergroup.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36503
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.66%
||
7 Day CHG-0.01%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateMacClone.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-34608
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG~0.00%
Published-20 Jul, 2022 | 13:41
Updated-03 Aug, 2024 | 09:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ajaxmsg parameter at /AJAX/ajaxget.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r200_firmwaremagic_r200n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-34606
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG~0.00%
Published-20 Jul, 2022 | 13:41
Updated-03 Aug, 2024 | 09:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditvsList parameter at /dotrace.asp.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r200_firmwaremagic_r200n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-30919
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 58.98%
||
7 Day CHG~0.00%
Published-08 Jun, 2022 | 13:23
Updated-03 Aug, 2024 | 07:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Edit_BasicSSID_5G parameter at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r100magic_r100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37068
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG-0.06%
Published-25 Aug, 2022 | 13:59
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateMacCloneFinal.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-gr-1200w_firmwaregr-1200wn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36505
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 35.11%
||
7 Day CHG+0.02%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EDitusergroup.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36490
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.66%
||
7 Day CHG+0.01%
Published-25 Aug, 2022 | 13:55
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EditMacList.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-30909
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 58.98%
||
7 Day CHG~0.00%
Published-08 Jun, 2022 | 13:23
Updated-03 Aug, 2024 | 07:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the CMD parameter at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r100magic_r100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 7
  • 8
  • Next
Details not found