Denial of Service Vulnerability in H3C Magic B1STV100R012
CVE-2023-34935

7.5HIGH

Key Information:

Vendor: H3c
Status: Magic B1st Firmware
Vendor: CVE Published:; 28 June 2023

What is CVE-2023-34935?

The H3C Magic B1STV100R012 device is susceptible to a stack overflow vulnerability within the AddWlanMacList function. This flaw can be exploited by attackers through specially crafted POST requests, potentially leading to a Denial of Service (DoS) condition. Organizations using this product should implement necessary security measures to mitigate the risk of exploitation and ensure the integrity and availability of their network services.

References

https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-20...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 28, 2023
Vulnerability Reserved
Jun 7, 2023

H3c

What is CVE-2023-34935?

References

CVSS V3.1

Timeline