Stack Overflow Vulnerability in H3C H200 Product Line
CVE-2022-37086

9.8CRITICAL

Key Information:

Vendor: H3c
Status: H200 Firmware
Vendor: CVE Published:; 25 August 2022

Summary

The H3C H200 series, specifically the H200V100R004 version, has been identified as containing a stack overflow vulnerability. This flaw arises in the function Asp_SetTimingtimeWifiAndLed, which may allow attackers to exploit the overflow, potentially compromising the security and stability of affected systems. Organizations using these devices should assess their exposure to this vulnerability and take appropriate measures to mitigate risks.

References

https://github.com/Darry-lang1/vuln/tree/main/H3C/H200/3

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 25, 2022
Vulnerability Reserved
Aug 1, 2022