Denial of Service Vulnerability in H3C GR2200 Products
CVE-2025-44653

7.5HIGH

Key Information:

Vendor

H3C
Status
GR2200 MiniGR1A0V100R016
Vendor
CVE Published:
21 July 2025

What is CVE-2025-44653?

A configuration issue in the H3C GR2200 MiniGR1A0V100R016 allows an attacker to exploit the USERLIMIT_GLOBAL option, which is set to 0 in the /etc/bftpd.conf file. This misconfiguration can enable an attacker to carry out Denial of Service (DoS) attacks by overloading the device with connections, effectively disrupting service for legitimate users and compromising system stability.

References

http://h3c.com
https://gist.github.com/TPCchecker/1193f51fc870b597c8a598...
https://www.notion.so/CVE-2025-44653-24754a1113e780fab128...

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-44653 : Denial of Service Vulnerability in H3C GR2200 Products