Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
H3C GR-3000AX HTTP POST Request aspForm Edit_List_SSID buffer overflow
Vulnerability Description
A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006. Affected is the function EnableIpv6/UpdateWanModeMulti/UpdateIpv6Params/EditWlanMacList/Edit_List_SSID of the file /goform/aspForm of the component HTTP POST Request Handler. The manipulation of the argument param leads to buffer overflow. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. Other functions might be affected as well.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Vulnerability Title
H3C GR-3000AX 安全漏洞
Vulnerability Description
H3C GR-3000AX是中国新华三(H3C)公司的一个企业级Wi-Fi 6无线路由器。 H3C GR-3000AX V100R006及之前版本存在安全漏洞,该漏洞源于文件/goform/aspForm中多个函数对参数param处理不当,导致缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A