H3C — Vulnerabilities & Security Advisories 41

Browse all 41 CVE security advisories affecting H3C. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by H3C:Magic NX15 SecCenter SMP-E1114P02 Magic B1 GR-5400AX Magic NX30 Pro GR-3000AX Magic B0 R160 GR-1100-P GR-1800AX R2+ProG Magic R200G M2 NAS Magic B3 ACG1000-AK230

CVE ID	Title	CVSS	Severity	Published
CVE-2026-6581	H3C Magic B1 aspForm SetMobileAPInfoById buffer overflow — Magic B1CWE-120	8.8	High	2026-04-19
CVE-2026-6563	H3C Magic B1 aspForm SetAPWifiorLedInfoById buffer overflow — Magic B1CWE-120	8.8	High	2026-04-19
CVE-2026-6560	H3C Magic B0 aspForm Edit_BasicSSID buffer overflow — Magic B0CWE-120	8.8	High	2026-04-19
CVE-2026-3943	H3C ACG1000-AK230 aaa_portal_auth_local_submit command injection — ACG1000-AK230CWE-77	7.3	High	2026-03-11
CVE-2026-3701	H3C Magic B1 aspForm Edit_BasicSSID_5G buffer overflow — Magic B1CWE-120	8.8	High	2026-03-08
CVE-2025-14196	H3C Magic B1 aspForm sub_44de0 buffer overflow — Magic B1CWE-120	8.8	High	2025-12-07
CVE-2025-14015	H3C Magic B0 aspForm EditWlanMacList buffer overflow — Magic B0CWE-120	8.8	High	2025-12-04
CVE-2025-10942	H3C Magic B3 aspForm EditMacList buffer overflow — Magic B3CWE-120	8.8	High	2025-09-25
CVE-2025-8907	H3C M2 NAS Webserver Configuration unnecessary privileges — M2 NASCWE-250	7.0	High	2025-08-13
CVE-2025-6091	H3C GR-3000AX aspForm UpdateIpv6Params buffer overflow — GR-3000AXCWE-120	8.8	High	2025-06-15
CVE-2025-6090	H3C GR-5400AX aspForm UpdateIpv6params buffer overflow — GR-5400AXCWE-120	8.8	High	2025-06-15
CVE-2025-5162	H3C SecCenter SMP-E1114P02 importFile unrestricted upload — SecCenter SMP-E1114P02CWE-434	6.3	Medium	2025-05-26
CVE-2025-5161	H3C SecCenter SMP-E1114P02 download operationDailyOut path traversal — SecCenter SMP-E1114P02CWE-22	4.3	Medium	2025-05-26
CVE-2025-5160	H3C SecCenter SMP-E1114P02 download path traversal — SecCenter SMP-E1114P02CWE-22	4.3	Medium	2025-05-26
CVE-2025-5159	H3C SecCenter SMP-E1114P02 download path traversal — SecCenter SMP-E1114P02CWE-22	4.3	Medium	2025-05-25
CVE-2025-5158	H3C SecCenter SMP-E1114P02 downloadSoftware path traversal — SecCenter SMP-E1114P02CWE-22	4.3	Medium	2025-05-25
CVE-2025-5157	H3C SecCenter SMP-E1114P02 fileContent path traversal — SecCenter SMP-E1114P02CWE-22	4.3	Medium	2025-05-25
CVE-2025-5156	H3C GR-5400AX aspForm EditWlanMacList buffer overflow — GR-5400AXCWE-120	8.8	High	2025-05-25
CVE-2025-4998	H3C Magic R200G HTTP POST Request aspForm EditWlanMacList denial of service — Magic R200GCWE-404	6.5	Medium	2025-05-20
CVE-2025-4997	H3C R2+ProG HTTP POST Request aspForm SetAPInfoById denial of service — R2+ProGCWE-404	6.5	Medium	2025-05-20
CVE-2025-4446	H3C GR-5400AX aspForm Edit_List_SSID buffer overflow — GR-5400AXCWE-120	8.0	High	2025-05-09
CVE-2025-4440	H3C GR-1800AX aspForm EnableIpv6 buffer overflow — GR-1800AXCWE-120	8.0	High	2025-05-08
CVE-2025-3854	H3C GR-3000AX HTTP POST Request aspForm Edit_List_SSID buffer overflow — GR-3000AXCWE-120	8.0	High	2025-04-22
CVE-2025-3546	H3C Magic BE18000 HTTP POST Request getLanguage FCGI_CheckStringIfContainsSemicolon command injection — Magic NX15CWE-77	8.0	High	2025-04-14
CVE-2025-3545	H3C Magic BE18000 HTTP POST Request setLanguage FCGI_CheckStringIfContainsSemicolon command injection — Magic NX15CWE-77	8.0	High	2025-04-14
CVE-2025-3544	H3C Magic BE18000 HTTP POST Request getCapabilityWeb FCGI_CheckStringIfContainsSemicolon command injection — Magic NX15CWE-77	8.0	High	2025-04-14
CVE-2025-3543	H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request setsyncpppoecfg FCGI_WizardProtoProcess command injection — Magic NX15CWE-77	8.0	High	2025-04-14
CVE-2025-3542	H3C Magic NX15/Magic NX400/Magic R3010 HTTP POST Request getsyncpppoecfg FCGI_WizardProtoProcess command injection — Magic NX15CWE-77	8.0	High	2025-04-13
CVE-2025-3541	H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request getSpecs FCGI_WizardProtoProcess command injection — Magic NX15CWE-77	8.0	High	2025-04-13
CVE-2025-3540	H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request getCapability FCGI_WizardProtoProcess command injection — Magic NX15CWE-77	8.0	High	2025-04-13

This page lists every published CVE security advisory associated with H3C. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

H3C — Vulnerabilities & Security Advisories 41