Command Execution Vulnerability in H3C Magic R230 Device
CVE-2024-38903

Currently unrated

Key Information:

Vendor: H3C
Status: Magic R230
Vendor: CVE Published:; 24 June 2024

Summary

A command execution vulnerability exists in the H3C Magic R230 V100R002 device due to its UDP server opening port 9034. This flaw allows remote attackers to execute arbitrary commands on the device, potentially leading to unauthorized access and control. Proper configuration and timely updates are essential to mitigate the risks associated with this vulnerability.

References

https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main...

Timeline

Vulnerability published
Jun 24, 2024
Vulnerability Reserved
Jun 21, 2024