Buffer Overflow Vulnerability in H3C GR-1800AX Networking Equipment
CVE-2025-4440

8.6HIGH

Key Information:

Vendor: H3c
Status: Gr-1800ax
Vendor: CVE Published:; 8 May 2025

Badges

👾 Exploit Exists

What is CVE-2025-4440?

A buffer overflow vulnerability exists in the H3C GR-1800AX device, specifically within the EnableIpv6 function in the /goform/aspForm file. Attackers with local network access can manipulate the 'param' argument, leading to potential exploitation. This issue has been publicly disclosed, making systems using affected versions vulnerable to unauthorized access if not secured.

Affected Version(s)

GR-1800AX 100R008

References

https://vuldb.com/?id.308048

vdb-entrytechnical-description

https://vuldb.com/?ctiid.308048

signaturepermissions-required

https://vuldb.com/?submit.557087

third-party-advisory

CVSS V4

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
May 8, 2025
Vulnerability published
May 8, 2025
Vulnerability Reserved
May 8, 2025

Credit

BabyShark (VulDB User)

H3c

Badges

What is CVE-2025-4440?

Affected Version(s)

References

CVSS V4

Timeline

Credit