Stack Overflow Vulnerability in H3C Magic Products
CVE-2023-34934

7.5HIGH

Key Information:

Vendor: H3c
Status: Magic B1st Firmware
Vendor: CVE Published:; 28 June 2023

Summary

A malicious actor can exploit a stack overflow vulnerability in the Edit_BasicSSID_5G function of H3C Magic B1STV100R012 by sending a specially crafted POST request. This exploitation can lead to a Denial of Service (DoS), disrupting normal operations and potentially rendering the device inoperable. Organizations should take proactive measures to mitigate the risks associated with this vulnerability and ensure continuous protection of their network infrastructure.

References

https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-20...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 28, 2023
Vulnerability Reserved
Jun 7, 2023