Stack Overflow Vulnerability in H3C GR-1200W Product
CVE-2022-37072

9.8CRITICAL

Key Information:

Vendor: H3c
Status: Gr-1200w Firmware
Vendor: CVE Published:; 25 August 2022

Summary

A stack overflow vulnerability has been identified in H3C's GR-1200W MiniGRW1A0V100R006 model. This issue arises from insufficient input validation in the UpdateWanLinkspyMulti function, potentially allowing an attacker to execute arbitrary code or disrupt the functionality of the device. Organizations using affected products should prioritize assessing their devices for this vulnerability and implement necessary patches or workarounds to mitigate potential risks.

References

https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 25, 2022
Vulnerability Reserved
Aug 1, 2022