Vulnerabilites related to h3c - gr-1800ax
var-202411-1514
Vulnerability from variot
H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm parameter. H3C of gr-1800ax There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. H3C GR-1800AX is an enterprise-class wireless router from H3C, a Chinese company. No detailed vulnerability details are currently available
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-1514",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gr-1800ax",
"scope": "eq",
"trust": 1.0,
"vendor": "h3c",
"version": "minigrw1b0v100r007"
},
{
"model": "gr-1800ax",
"scope": "eq",
"trust": 0.8,
"vendor": "h3c",
"version": null
},
{
"model": "gr-1800ax",
"scope": null,
"trust": 0.8,
"vendor": "h3c",
"version": null
},
{
"model": "gr-1800ax",
"scope": "eq",
"trust": 0.8,
"vendor": "h3c",
"version": "gr-1800ax firmware minigrw1b0v100r007"
},
{
"model": "gr-1800ax minigrw1b0v100r007",
"scope": null,
"trust": 0.6,
"vendor": "h3c",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-46252"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-013265"
},
{
"db": "NVD",
"id": "CVE-2024-52765"
}
]
},
"cve": "CVE-2024-52765",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2024-46252",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2024-52765",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2024-52765",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2024-52765",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2024-52765",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2024-46252",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-46252"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-013265"
},
{
"db": "NVD",
"id": "CVE-2024-52765"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm parameter. H3C of gr-1800ax There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. H3C GR-1800AX is an enterprise-class wireless router from H3C, a Chinese company. No detailed vulnerability details are currently available",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52765"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-013265"
},
{
"db": "CNVD",
"id": "CNVD-2024-46252"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52765",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-013265",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2024-46252",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-46252"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-013265"
},
{
"db": "NVD",
"id": "CVE-2024-52765"
}
]
},
"id": "VAR-202411-1514",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-46252"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-46252"
}
]
},
"last_update_date": "2024-11-28T22:50:31.672000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.0
},
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-013265"
},
{
"db": "NVD",
"id": "CVE-2024-52765"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://tjr181.com/2024/11/08/h3c%20gr-1800ax/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52765"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-46252"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-013265"
},
{
"db": "NVD",
"id": "CVE-2024-52765"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-46252"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-013265"
},
{
"db": "NVD",
"id": "CVE-2024-52765"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-46252"
},
{
"date": "2024-11-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-013265"
},
{
"date": "2024-11-20T21:15:08.783000",
"db": "NVD",
"id": "CVE-2024-52765"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-46252"
},
{
"date": "2024-11-25T01:03:00",
"db": "JVNDB",
"id": "JVNDB-2024-013265"
},
{
"date": "2024-11-26T17:15:25.557000",
"db": "NVD",
"id": "CVE-2024-52765"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "H3C\u00a0 of \u00a0gr-1800ax\u00a0 Firmware vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-013265"
}
],
"trust": 0.8
}
}
Vulnerability from fkie_nvd
Published
2024-11-20 21:15
Modified
2025-03-13 14:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://tjr181.com/2024/11/08/H3C%20GR-1800AX/ | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1800ax_firmware | minigrw1b0v100r007 | |
| h3c | gr-1800ax | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1800ax_firmware:minigrw1b0v100r007:*:*:*:*:*:*:*",
"matchCriteriaId": "E84CC346-F77A-414F-A96B-C4621444B466",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1800ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "435BF35B-1867-48E5-BC8C-3F868E9B419B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm parameter."
},
{
"lang": "es",
"value": "H3C GR-1800AX MiniGRW1B0V100R007 es vulnerable a la ejecuci\u00f3n remota de c\u00f3digo (RCE) a trav\u00e9s del par\u00e1metro aspForm."
}
],
"id": "CVE-2024-52765",
"lastModified": "2025-03-13T14:15:33.100",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-11-20T21:15:08.783",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://tjr181.com/2024/11/08/H3C%20GR-1800AX/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-24 22:15
Modified
2024-11-21 08:41
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@vuldb.com | https://github.com/CJCniubi666/H3C-ER/blob/main/README.md | Exploit, Third Party Advisory | |
| cna@vuldb.com | https://github.com/yinsel/CVE-H3C-Report | Exploit, Third Party Advisory | |
| cna@vuldb.com | https://vuldb.com/?ctiid.240238 | Permissions Required, Third Party Advisory | |
| cna@vuldb.com | https://vuldb.com/?id.240238 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/CJCniubi666/H3C-ER/blob/main/README.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/yinsel/CVE-H3C-Report | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?ctiid.240238 | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?id.240238 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1100-p_firmware | * | |
| h3c | gr-1100-p | - | |
| h3c | gr-1108-p_firmware | * | |
| h3c | gr-1108-p | - | |
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - | |
| h3c | gr-1800ax_firmware | * | |
| h3c | gr-1800ax | - | |
| h3c | gr-2200_firmware | * | |
| h3c | gr-2200 | - | |
| h3c | gr-3200_firmware | * | |
| h3c | gr-3200 | - | |
| h3c | gr-5200_firmware | * | |
| h3c | gr-5200 | - | |
| h3c | gr-8300_firmware | * | |
| h3c | gr-8300 | - | |
| h3c | er3260g2_firmware | * | |
| h3c | er3260g2 | - | |
| h3c | er5200g2_firmware | * | |
| h3c | er5200g2 | - | |
| h3c | er3200g2_firmware | * | |
| h3c | er3200g2 | - | |
| h3c | er2100n_firmware | * | |
| h3c | er2100n | - | |
| h3c | er6300g2_firmware | * | |
| h3c | er6300g2 | - | |
| h3c | er5100g2_firmware | * | |
| h3c | er5100g2 | - | |
| h3c | er2200g2_firmware | * | |
| h3c | er2200g2 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1100-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D840020D-2C49-4208-BA79-9BF9C4EBA4D9",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1100-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2A23D8-5DF5-4647-AB32-AF86E117789F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1108-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A33D38D0-144E-4576-96F5-D184485EF455",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1108-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E432A5DB-5D0F-464F-8235-EB9543E3F06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94126EC2-0D0B-46F3-8CF6-3E1C42D7D100",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1800ax_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19B18747-B268-45AB-A254-64DCB72C109B",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1800ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "435BF35B-1867-48E5-BC8C-3F868E9B419B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75F33539-7670-4732-B470-4AB11816E549",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8543B702-DF8C-435F-A39E-56C8043E4321",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-3200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D94AFA76-7869-4B48-B22B-AAC0AE7D7960",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "945172AA-02BE-4538-952C-3F2EF9749810",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-5200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D61370D-1950-4AA3-A6A2-CFE9A199CAE8",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-5200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55A3F347-7936-4966-9C0B-D61CC92BA85A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A545124C-076D-46E7-96B2-4B8CFF2BEFB8",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB46F02-E18F-4E67-A941-FE24C06C2CFC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:er3260g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60B2DE7C-598B-4002-BB42-EC2D7E129FBF",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:er3260g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6504103-D36F-499D-A6CE-1E952477B00F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:er5200g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39FEFC0A-4816-419E-830C-7D2AE5C95EEF",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:er5200g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC97A451-6C13-4805-BF52-9C424B898636",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:er3200g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88AC8D91-BA03-49AC-9FC7-2D3DA30E9D4D",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:er3200g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3126DFD1-B3D2-4F01-BDB6-D22E681E3228",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:er2100n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28BE8148-9573-4708-B5DE-6ED69AED6993",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:er2100n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "803C9117-16A7-4812-A530-82AE6B331147",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:er6300g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A6F28D8-BA6D-497E-95AA-D35052FFBF6F",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:er6300g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E9CE23F-9941-471E-82CE-0EE150608E04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:er5100g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFDDB7BA-795A-4853-B3C6-3894DA11E69E",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:er5100g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11594FE2-E591-4F06-9856-751DCF3F8949",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:er2200g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51A4E096-5A31-468B-B84B-9DDA123BEE2F",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:er2200g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB4A4EC-8E98-4F3B-B116-925B15A9E5C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad clasificada como problem\u00e1tica fue encontrada en H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2 , ER3260G2, ER5100G2, ER5200G2 y ER6300G2 hasta 20230908. Esta vulnerabilidad afecta a c\u00f3digo desconocido del archivo /userLogin.asp del componente Config File Handler. La manipulaci\u00f3n conduce al recorrido del camino. El ataque se puede iniciar de forma remota. La complejidad de un ataque es bastante alta. La explotaci\u00f3n parece dif\u00edcil. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-240238 es el identificador asignado a esta vulnerabilidad. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"id": "CVE-2023-5142",
"lastModified": "2024-11-21T08:41:08.843",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "cna@vuldb.com",
"type": "Secondary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-24T22:15:10.087",
"references": [
{
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CJCniubi666/H3C-ER/blob/main/README.md"
},
{
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/yinsel/CVE-H3C-Report"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/?ctiid.240238"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
],
"url": "https://vuldb.com/?id.240238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CJCniubi666/H3C-ER/blob/main/README.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/yinsel/CVE-H3C-Report"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/?ctiid.240238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://vuldb.com/?id.240238"
}
],
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-5142 (GCVE-0-2023-5142)
Vulnerability from cvelistv5
Published
2023-09-24 22:00
Modified
2024-08-02 07:52
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
3.7 (Low) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
3.7 (Low) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Path Traversal
Summary
A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References
| ▼ | URL | Tags |
|---|---|---|
| https://vuldb.com/?id.240238 | vdb-entry, technical-description | |
| https://vuldb.com/?ctiid.240238 | signature, permissions-required | |
| https://github.com/yinsel/CVE-H3C-Report | broken-link, exploit | |
| https://github.com/CJCniubi666/H3C-ER/blob/main/README.md | related |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | H3C | GR-1100-P |
Version: 20230908 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:07.533Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.240238"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.240238"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/yinsel/CVE-H3C-Report"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://github.com/CJCniubi666/H3C-ER/blob/main/README.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"Config File Handler"
],
"product": "GR-1100-P",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-1108-P",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-1200W",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-1800AX",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-2200",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-3200",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-5200",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-8300",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER2100n",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER2200G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER3200G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER3260G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER5100G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER5200G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER6300G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "yinsel975 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 bis 20230908 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /userLogin.asp der Komponente Config File Handler. Durch das Beeinflussen mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Das Ausnutzen gilt als schwierig. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-13T08:03:35.039Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.240238"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.240238"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/yinsel/CVE-H3C-Report"
},
{
"tags": [
"related"
],
"url": "https://github.com/CJCniubi666/H3C-ER/blob/main/README.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-09-24T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-09-24T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-09-24T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-10-14T17:43:30.000Z",
"value": "VulDB entry last update"
}
],
"title": "H3C ER6300G2 Config File userLogin.asp path traversal"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-5142",
"datePublished": "2023-09-24T22:00:06.432Z",
"dateReserved": "2023-09-24T14:06:15.230Z",
"dateUpdated": "2024-08-02T07:52:07.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-52765 (GCVE-0-2024-52765)
Vulnerability from cvelistv5
Published
2024-11-20 00:00
Modified
2025-03-13 13:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm parameter.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:h3c:gr-1800ax:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gr-1800ax",
"vendor": "h3c",
"versions": [
{
"status": "affected",
"version": "MiniGRW1B0V100R007"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-52765",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T16:50:47.167285Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T13:30:55.764Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T20:41:39.260Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "http://tjr181.com/2024/11/08/H3C%20GR-1800AX/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-52765",
"datePublished": "2024-11-20T00:00:00.000Z",
"dateReserved": "2024-11-15T00:00:00.000Z",
"dateUpdated": "2025-03-13T13:30:55.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4440 (GCVE-0-2025-4440)
Vulnerability from cvelistv5
Published
2025-05-08 23:00
Modified
2025-05-09 04:01
Severity ?
8.6 (High) - CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.0 (High) - CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.0 (High) - CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
VLAI Severity ?
EPSS score ?
Summary
A vulnerability was found in H3C GR-1800AX up to 100R008 and classified as critical. Affected by this issue is the function EnableIpv6 of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used.
References
| ▼ | URL | Tags |
|---|---|---|
| https://vuldb.com/?id.308048 | vdb-entry, technical-description | |
| https://vuldb.com/?ctiid.308048 | signature, permissions-required | |
| https://vuldb.com/?submit.557087 | third-party-advisory | |
| https://github.com/CH13hh/tmp_store_cc/blob/main/H3C%20GR-1800AX/1.md | exploit |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4440",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-09T04:01:41.292825Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T04:01:57.100Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "GR-1800AX",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "100R008"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "BabyShark (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in H3C GR-1800AX up to 100R008 and classified as critical. Affected by this issue is the function EnableIpv6 of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in H3C GR-1800AX bis 100R008 gefunden. Sie wurde als kritisch eingestuft. Betroffen davon ist die Funktion EnableIpv6 der Datei /goform/aspForm. Durch Manipulation des Arguments param mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei im lokalen Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.7,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T23:00:06.909Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-308048 | H3C GR-1800AX aspForm EnableIpv6 buffer overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.308048"
},
{
"name": "VDB-308048 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.308048"
},
{
"name": "Submit #557087 | New H3C Technologies Co., Ltd. H3C GR-1800AX \u003c=100R008 Command execution",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.557087"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/CH13hh/tmp_store_cc/blob/main/H3C%20GR-1800AX/1.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-05-08T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-05-08T18:57:30.000Z",
"value": "VulDB entry last update"
}
],
"title": "H3C GR-1800AX aspForm EnableIpv6 buffer overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-4440",
"datePublished": "2025-05-08T23:00:06.909Z",
"dateReserved": "2025-05-08T16:51:51.146Z",
"dateUpdated": "2025-05-09T04:01:57.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}