Lucene search

[email protected]NVD:CVE-2023-27801

HistoryApr 07, 2023 - 2:15 p.m.

CVE-2023-27801

2023-04-0714:15:07

CWE-787

[email protected]

web.nvd.nist.gov

h3c magic

r100v100r005.bin

stack overflow

deldnshnlist

dos vulnerability

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

32.5%

JSON

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.

Affected configurations

Nvd

Node

h3cmagic_r100_firmwareMatchv100r005

AND

h3cmagic_r100_firmwareMatch-

VendorProductVersionCPE
h3cmagic_r100_firmwarev100r005cpe:2.3:o:h3c:magic_r100_firmware:v100r005:*:*:*:*:*:*:*
h3cmagic_r100_firmware-cpe:2.3:o:h3c:magic_r100_firmware:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
h3c	magic_r100_firmware	v100r005	cpe:2.3:o:h3c:magic_r100_firmware:v100r005:::::::*
h3c	magic_r100_firmware	-	cpe:2.3:o:h3c:magic_r100_firmware:-:::::::*

References

hackmd.io/%400dayResearch/DelDNSHnList

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

32.5%

JSON

Related for NVD:CVE-2023-27801

cvelist1 cve1 prion1