Buffer Overflow Vulnerability in H3C N12 V100R005 5G Wireless Network Device
CVE-2024-57482

9.8CRITICAL

Key Information:

Vendor: H3C
Vendor: CVE Published:; 14 January 2025

Summary

The H3C N12 V100R005 device exhibits a buffer overflow vulnerability due to insufficient length verification in its 5G wireless network processing mechanism. This flaw permits adversaries to exploit the device by sending malicious POST requests to the /bin/webs endpoint. Successful exploitation could lead to unauthorized access, potential crashes of the device, or even the execution of arbitrary commands, posing significant risks to network integrity and security.

References

http://h3c.com

https://gist.github.com/XiaoCurry/d39f76a025df8b78a5f9e1a...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 14, 2025