Remote Code Execution Vulnerability in H3C GR-1800AX by H3C
CVE-2024-52765

9.8CRITICAL

Key Information:

Vendor: H3c
Status: Gr-1800ax Firmware
Vendor: CVE Published:; 20 November 2024

Summary

The H3C GR-1800AX MiniGRW1B0V100R007 is prone to a remote code execution vulnerability, which can be exploited through the manipulation of the aspForm parameter. This weakness can allow an attacker to execute arbitrary code on the device, potentially compromising system integrity and confidentiality. System administrators should take immediate action to mitigate this risk and safeguard their network infrastructure.

References

http://tjr181.com/2024/11/08/H3C%20GR-1800AX/

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 20, 2024