Stack Overflow Vulnerability in H3C Magic B1STV100R012
CVE-2023-34931

7.5HIGH

Key Information:

Vendor: H3c
Status: Magic B1st Firmware
Vendor: CVE Published:; 28 June 2023

Summary

A stack overflow vulnerability exists in the EditWlanMacList function of H3C Magic B1STV100R012, which can be exploited by attackers through a specially crafted POST request. This exploitation leads to a Denial of Service (DoS), potentially disrupting service and affecting the availability of the targeted device. System administrators should apply security patches and monitor for unusual request patterns to mitigate the impact of this vulnerability.

References

https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-20...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 28, 2023
Vulnerability Reserved
Jun 7, 2023