Denial of Service Vulnerability in H3C GR2200 Products
CVE-2025-44653

7.5HIGH

Key Information:

Vendor: H3C
Status: GR2200 MiniGR1A0V100R016
Vendor: CVE Published:; 21 July 2025

What is CVE-2025-44653?

A configuration issue in the H3C GR2200 MiniGR1A0V100R016 allows an attacker to exploit the USERLIMIT_GLOBAL option, which is set to 0 in the /etc/bftpd.conf file. This misconfiguration can enable an attacker to carry out Denial of Service (DoS) attacks by overloading the device with connections, effectively disrupting service for legitimate users and compromising system stability.

References

http://h3c.com

https://gist.github.com/TPCchecker/1193f51fc870b597c8a598...

https://www.notion.so/CVE-2025-44653-24754a1113e780fab128...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 21, 2025
Vulnerability Reserved
Apr 22, 2025