Lucene search

[email protected]NVD:CVE-2023-33633

HistoryMay 31, 2023 - 9:15 p.m.

CVE-2023-33633

2023-05-3121:15:09

CWE-787

[email protected]

web.nvd.nist.gov

h3c magic r300

version r300-2100mv100r004

stack overflow

updatewanparams interface

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

39.7%

JSON

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the UpdateWanParams interface at /goform/aspForm.

Affected configurations

Nvd

Node

h3cmagic_r300-2100m_firmwareMatchr300-2100mv100r004

AND

h3cmagic_r300-2100mMatch-

VendorProductVersionCPE
h3cmagic_r300-2100m_firmwarer300-2100mv100r004cpe:2.3:o:h3c:magic_r300-2100m_firmware:r300-2100mv100r004:*:*:*:*:*:*:*
h3cmagic_r300-2100m-cpe:2.3:h:h3c:magic_r300-2100m:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
h3c	magic_r300-2100m_firmware	r300-2100mv100r004	cpe:2.3:o:h3c:magic_r300-2100m_firmware:r300-2100mv100r004:::::::*
h3c	magic_r300-2100m	-	cpe:2.3:h:h3c:magic_r300-2100m:-:::::::*

References

hackmd.io/%400dayResearch/UpdateWanParams

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

39.7%

JSON

Related for NVD:CVE-2023-33633

cvelist1 cve1 prion1