Search criteria
63 vulnerabilities found for gr-1200w_firmware by h3c
FKIE_CVE-2023-5142
Vulnerability from fkie_nvd - Published: 2023-09-24 22:15 - Updated: 2024-11-21 08:41
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References
| URL | Tags | ||
|---|---|---|---|
| cna@vuldb.com | https://github.com/CJCniubi666/H3C-ER/blob/main/README.md | Exploit, Third Party Advisory | |
| cna@vuldb.com | https://github.com/yinsel/CVE-H3C-Report | Exploit, Third Party Advisory | |
| cna@vuldb.com | https://vuldb.com/?ctiid.240238 | Permissions Required, Third Party Advisory | |
| cna@vuldb.com | https://vuldb.com/?id.240238 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/CJCniubi666/H3C-ER/blob/main/README.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/yinsel/CVE-H3C-Report | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?ctiid.240238 | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?id.240238 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1100-p_firmware | * | |
| h3c | gr-1100-p | - | |
| h3c | gr-1108-p_firmware | * | |
| h3c | gr-1108-p | - | |
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - | |
| h3c | gr-1800ax_firmware | * | |
| h3c | gr-1800ax | - | |
| h3c | gr-2200_firmware | * | |
| h3c | gr-2200 | - | |
| h3c | gr-3200_firmware | * | |
| h3c | gr-3200 | - | |
| h3c | gr-5200_firmware | * | |
| h3c | gr-5200 | - | |
| h3c | gr-8300_firmware | * | |
| h3c | gr-8300 | - | |
| h3c | er3260g2_firmware | * | |
| h3c | er3260g2 | - | |
| h3c | er5200g2_firmware | * | |
| h3c | er5200g2 | - | |
| h3c | er3200g2_firmware | * | |
| h3c | er3200g2 | - | |
| h3c | er2100n_firmware | * | |
| h3c | er2100n | - | |
| h3c | er6300g2_firmware | * | |
| h3c | er6300g2 | - | |
| h3c | er5100g2_firmware | * | |
| h3c | er5100g2 | - | |
| h3c | er2200g2_firmware | * | |
| h3c | er2200g2 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1100-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D840020D-2C49-4208-BA79-9BF9C4EBA4D9",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1100-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2A23D8-5DF5-4647-AB32-AF86E117789F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1108-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A33D38D0-144E-4576-96F5-D184485EF455",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1108-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E432A5DB-5D0F-464F-8235-EB9543E3F06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94126EC2-0D0B-46F3-8CF6-3E1C42D7D100",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1800ax_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19B18747-B268-45AB-A254-64DCB72C109B",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1800ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "435BF35B-1867-48E5-BC8C-3F868E9B419B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75F33539-7670-4732-B470-4AB11816E549",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8543B702-DF8C-435F-A39E-56C8043E4321",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-3200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D94AFA76-7869-4B48-B22B-AAC0AE7D7960",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "945172AA-02BE-4538-952C-3F2EF9749810",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-5200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D61370D-1950-4AA3-A6A2-CFE9A199CAE8",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-5200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55A3F347-7936-4966-9C0B-D61CC92BA85A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A545124C-076D-46E7-96B2-4B8CFF2BEFB8",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB46F02-E18F-4E67-A941-FE24C06C2CFC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:er3260g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60B2DE7C-598B-4002-BB42-EC2D7E129FBF",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:er3260g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6504103-D36F-499D-A6CE-1E952477B00F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:er5200g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39FEFC0A-4816-419E-830C-7D2AE5C95EEF",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:er5200g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC97A451-6C13-4805-BF52-9C424B898636",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:er3200g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88AC8D91-BA03-49AC-9FC7-2D3DA30E9D4D",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:er3200g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3126DFD1-B3D2-4F01-BDB6-D22E681E3228",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:er2100n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28BE8148-9573-4708-B5DE-6ED69AED6993",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:er2100n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "803C9117-16A7-4812-A530-82AE6B331147",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:er6300g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A6F28D8-BA6D-497E-95AA-D35052FFBF6F",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:er6300g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E9CE23F-9941-471E-82CE-0EE150608E04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:er5100g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFDDB7BA-795A-4853-B3C6-3894DA11E69E",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:er5100g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11594FE2-E591-4F06-9856-751DCF3F8949",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:er2200g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51A4E096-5A31-468B-B84B-9DDA123BEE2F",
"versionEndIncluding": "20230908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:er2200g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB4A4EC-8E98-4F3B-B116-925B15A9E5C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad clasificada como problem\u00e1tica fue encontrada en H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2 , ER3260G2, ER5100G2, ER5200G2 y ER6300G2 hasta 20230908. Esta vulnerabilidad afecta a c\u00f3digo desconocido del archivo /userLogin.asp del componente Config File Handler. La manipulaci\u00f3n conduce al recorrido del camino. El ataque se puede iniciar de forma remota. La complejidad de un ataque es bastante alta. La explotaci\u00f3n parece dif\u00edcil. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-240238 es el identificador asignado a esta vulnerabilidad. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"id": "CVE-2023-5142",
"lastModified": "2024-11-21T08:41:08.843",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "cna@vuldb.com",
"type": "Secondary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-24T22:15:10.087",
"references": [
{
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CJCniubi666/H3C-ER/blob/main/README.md"
},
{
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/yinsel/CVE-H3C-Report"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/?ctiid.240238"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
],
"url": "https://vuldb.com/?id.240238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CJCniubi666/H3C-ER/blob/main/README.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/yinsel/CVE-H3C-Report"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/?ctiid.240238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://vuldb.com/?id.240238"
}
],
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-29696
Vulnerability from fkie_nvd - Published: 2023-05-08 15:15 - Updated: 2025-01-29 19:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function version_set.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/aVersionSet.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/aVersionSet.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | minigrw1a0v100r006 | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:minigrw1a0v100r006:*:*:*:*:*:*:*",
"matchCriteriaId": "947EC9F7-504E-4596-AC79-2555107D93B3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function version_set."
}
],
"id": "CVE-2023-29696",
"lastModified": "2025-01-29T19:15:16.473",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-08T15:15:11.033",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/aVersionSet.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/aVersionSet.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-29693
Vulnerability from fkie_nvd - Published: 2023-05-08 15:15 - Updated: 2025-01-29 19:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function set_tftp_upgrad.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/SetTftpUpgrad.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/SetTftpUpgrad.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | minigrw1a0v100r006 | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:minigrw1a0v100r006:*:*:*:*:*:*:*",
"matchCriteriaId": "947EC9F7-504E-4596-AC79-2555107D93B3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function set_tftp_upgrad."
}
],
"id": "CVE-2023-29693",
"lastModified": "2025-01-29T19:15:16.267",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-08T15:15:10.983",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/SetTftpUpgrad.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/SetTftpUpgrad.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-37071
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2024-11-21 07:14
Severity ?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateOne2One.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/18 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/18 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateOne2One."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la funci\u00f3n UpdateOne2One."
}
],
"id": "CVE-2022-37071",
"lastModified": "2024-11-21T07:14:23.867",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T14:15:12.160",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/18"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-37069
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2024-11-21 07:14
Severity ?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateSnat.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/12 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/12 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateSnat."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la funci\u00f3n UpdateSnat."
}
],
"id": "CVE-2022-37069",
"lastModified": "2024-11-21T07:14:23.567",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T14:15:12.070",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/12"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-37068
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2024-11-21 07:14
Severity ?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateMacCloneFinal.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/14 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/14 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateMacCloneFinal."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la funci\u00f3n UpdateMacCloneFinal."
}
],
"id": "CVE-2022-37068",
"lastModified": "2024-11-21T07:14:23.400",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T14:15:12.027",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/14"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-37074
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2024-11-21 07:14
Severity ?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function switch_debug_info_set.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/11 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/11 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-120w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-120w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A4772C-E5F7-4178-A60E-3A27FE42AC35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function switch_debug_info_set."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la funci\u00f3n switch_debug_info_set."
}
],
"id": "CVE-2022-37074",
"lastModified": "2024-11-21T07:14:24.303",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T14:15:12.290",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/11"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-37072
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2024-11-21 07:14
Severity ?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanLinkspyMulti.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/16 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/16 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanLinkspyMulti."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la funci\u00f3n UpdateWanLinkspyMulti."
}
],
"id": "CVE-2022-37072",
"lastModified": "2024-11-21T07:14:24.013",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T14:15:12.203",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/16"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-37070
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2024-11-21 07:14
Severity ?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/19 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/19 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene una vulnerabilidad de inyecci\u00f3n de comandos por medio del par\u00e1metro param en DelL2tpLNSList."
}
],
"id": "CVE-2022-37070",
"lastModified": "2024-11-21T07:14:23.730",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T14:15:12.113",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/19"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-37073
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2024-11-21 07:14
Severity ?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanModeMulti.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/13 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/13 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanModeMulti."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la funci\u00f3n UpdateWanModeMulti."
}
],
"id": "CVE-2022-37073",
"lastModified": "2024-11-21T07:14:24.160",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T14:15:12.247",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/13"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-36516
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2024-11-21 07:13
Severity ?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function ap_version_check.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/3 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/3 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function ap_version_check."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la funci\u00f3n ap_versi\u00f3n_check."
}
],
"id": "CVE-2022-36516",
"lastModified": "2024-11-21T07:13:12.470",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T14:15:11.723",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/3"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-36514
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2024-11-21 07:13
Severity ?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function WanModeSetMultiWan.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/1 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/1 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function WanModeSetMultiWan."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la funci\u00f3n WanModeSetMultiWan."
}
],
"id": "CVE-2022-36514",
"lastModified": "2024-11-21T07:13:12.160",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T14:15:11.637",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-36515
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2024-11-21 07:13
Severity ?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function addactionlist.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/4 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/4 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function addactionlist."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la funci\u00f3n addactionlist."
}
],
"id": "CVE-2022-36515",
"lastModified": "2024-11-21T07:13:12.317",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T14:15:11.680",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/4"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-36519
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2024-11-21 07:13
Severity ?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function AddWlanMacList.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/9 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/9 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function AddWlanMacList."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la funci\u00f3n AddWlanMacList."
}
],
"id": "CVE-2022-36519",
"lastModified": "2024-11-21T07:13:12.933",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T14:15:11.857",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/9"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-37066
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2024-11-21 07:14
Severity ?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateDDNS.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/15 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/15 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateDDNS."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la funci\u00f3n UpdateDDNS."
}
],
"id": "CVE-2022-37066",
"lastModified": "2024-11-21T07:14:23.107",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T14:15:11.940",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/15"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-37067
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2024-11-21 07:14
Severity ?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanParamsMulti.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/17 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/17 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanParamsMulti."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la funci\u00f3n UpdateWanParamsMulti."
}
],
"id": "CVE-2022-37067",
"lastModified": "2024-11-21T07:14:23.250",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T14:15:11.987",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/17"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-36517
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2024-11-21 07:13
Severity ?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function debug_wlan_advance.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/7 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/7 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function debug_wlan_advance."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la funci\u00f3n debug_wlan_advance."
}
],
"id": "CVE-2022-36517",
"lastModified": "2024-11-21T07:13:12.627",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T14:15:11.767",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/7"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-36513
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2025-06-17 20:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function edditactionlist.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/5 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/5 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function edditactionlist."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la funci\u00f3n edditactionlist."
}
],
"id": "CVE-2022-36513",
"lastModified": "2025-06-17T20:15:26.780",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-08-25T14:15:11.590",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/5"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-36520
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2024-11-21 07:13
Severity ?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function DEleteusergroup.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/10 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/10 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function DEleteusergroup."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la funci\u00f3n DEleteusergroup."
}
],
"id": "CVE-2022-36520",
"lastModified": "2024-11-21T07:13:13.107",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T14:15:11.900",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/10"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-36511
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2025-06-17 20:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function EditApAdvanceInfo.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/2 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/2 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function EditApAdvanceInfo."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la funci\u00f3n EditApAdvanceInfo."
}
],
"id": "CVE-2022-36511",
"lastModified": "2025-06-17T20:15:26.617",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-08-25T14:15:11.547",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-36518
Vulnerability from fkie_nvd - Published: 2022-08-25 14:15 - Updated: 2024-11-21 07:13
Severity ?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function EditWlanMacList.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/8 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/8 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| h3c | gr-1200w_firmware | * | |
| h3c | gr-1200w | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3361CB00-22AF-4FE2-A805-123078ACEF79",
"versionEndIncluding": "minigrw1a0v100r006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function EditWlanMacList."
},
{
"lang": "es",
"value": "Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la funci\u00f3n EditWlanMacList."
}
],
"id": "CVE-2022-36518",
"lastModified": "2024-11-21T07:13:12.780",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T14:15:11.813",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/8"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-5142 (GCVE-0-2023-5142)
Vulnerability from cvelistv5 – Published: 2023-09-24 22:00 – Updated: 2024-08-02 07:52
VLAI?
Title
H3C ER6300G2 Config File userLogin.asp path traversal
Summary
A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
CWE
- CWE-22 - Path Traversal
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| H3C | GR-1100-P |
Affected:
20230908
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
yinsel975 (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:07.533Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.240238"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.240238"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/yinsel/CVE-H3C-Report"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://github.com/CJCniubi666/H3C-ER/blob/main/README.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"Config File Handler"
],
"product": "GR-1100-P",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-1108-P",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-1200W",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-1800AX",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-2200",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-3200",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-5200",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-8300",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER2100n",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER2200G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER3200G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER3260G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER5100G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER5200G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER6300G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "yinsel975 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 bis 20230908 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /userLogin.asp der Komponente Config File Handler. Durch das Beeinflussen mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Das Ausnutzen gilt als schwierig. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-13T08:03:35.039Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.240238"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.240238"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/yinsel/CVE-H3C-Report"
},
{
"tags": [
"related"
],
"url": "https://github.com/CJCniubi666/H3C-ER/blob/main/README.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-09-24T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-09-24T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-09-24T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-10-14T17:43:30.000Z",
"value": "VulDB entry last update"
}
],
"title": "H3C ER6300G2 Config File userLogin.asp path traversal"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-5142",
"datePublished": "2023-09-24T22:00:06.432Z",
"dateReserved": "2023-09-24T14:06:15.230Z",
"dateUpdated": "2024-08-02T07:52:07.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29696 (GCVE-0-2023-29696)
Vulnerability from cvelistv5 – Published: 2023-05-08 00:00 – Updated: 2025-01-29 18:49
VLAI?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function version_set.
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:14:39.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/aVersionSet.md"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-29696",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T18:48:57.369418Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T18:49:16.206Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function version_set."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-08T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/aVersionSet.md"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-29696",
"datePublished": "2023-05-08T00:00:00.000Z",
"dateReserved": "2023-04-07T00:00:00.000Z",
"dateUpdated": "2025-01-29T18:49:16.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29693 (GCVE-0-2023-29693)
Vulnerability from cvelistv5 – Published: 2023-05-08 00:00 – Updated: 2025-01-29 18:49
VLAI?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function set_tftp_upgrad.
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:14:39.794Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/SetTftpUpgrad.md"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-29693",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T18:49:48.238873Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T18:49:52.539Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function set_tftp_upgrad."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-08T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/SetTftpUpgrad.md"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-29693",
"datePublished": "2023-05-08T00:00:00.000Z",
"dateReserved": "2023-04-07T00:00:00.000Z",
"dateUpdated": "2025-01-29T18:49:52.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37074 (GCVE-0-2022-37074)
Vulnerability from cvelistv5 – Published: 2022-08-25 14:00 – Updated: 2024-08-03 10:21
VLAI?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function switch_debug_info_set.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.782Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function switch_debug_info_set."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-25T14:00:28",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-37074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function switch_debug_info_set."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/11",
"refsource": "MISC",
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-37074",
"datePublished": "2022-08-25T14:00:28",
"dateReserved": "2022-08-01T00:00:00",
"dateUpdated": "2024-08-03T10:21:32.782Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37072 (GCVE-0-2022-37072)
Vulnerability from cvelistv5 – Published: 2022-08-25 14:00 – Updated: 2024-08-03 10:21
VLAI?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanLinkspyMulti.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.857Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanLinkspyMulti."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-25T14:00:23",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-37072",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanLinkspyMulti."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/16",
"refsource": "MISC",
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-37072",
"datePublished": "2022-08-25T14:00:23",
"dateReserved": "2022-08-01T00:00:00",
"dateUpdated": "2024-08-03T10:21:32.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5142 (GCVE-0-2023-5142)
Vulnerability from nvd – Published: 2023-09-24 22:00 – Updated: 2024-08-02 07:52
VLAI?
Title
H3C ER6300G2 Config File userLogin.asp path traversal
Summary
A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
CWE
- CWE-22 - Path Traversal
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| H3C | GR-1100-P |
Affected:
20230908
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
yinsel975 (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:07.533Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.240238"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.240238"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/yinsel/CVE-H3C-Report"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://github.com/CJCniubi666/H3C-ER/blob/main/README.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"Config File Handler"
],
"product": "GR-1100-P",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-1108-P",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-1200W",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-1800AX",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-2200",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-3200",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-5200",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "GR-8300",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER2100n",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER2200G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER3200G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER3260G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER5100G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER5200G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
},
{
"modules": [
"Config File Handler"
],
"product": "ER6300G2",
"vendor": "H3C",
"versions": [
{
"status": "affected",
"version": "20230908"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "yinsel975 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 bis 20230908 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /userLogin.asp der Komponente Config File Handler. Durch das Beeinflussen mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Das Ausnutzen gilt als schwierig. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-13T08:03:35.039Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.240238"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.240238"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/yinsel/CVE-H3C-Report"
},
{
"tags": [
"related"
],
"url": "https://github.com/CJCniubi666/H3C-ER/blob/main/README.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-09-24T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-09-24T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-09-24T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-10-14T17:43:30.000Z",
"value": "VulDB entry last update"
}
],
"title": "H3C ER6300G2 Config File userLogin.asp path traversal"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-5142",
"datePublished": "2023-09-24T22:00:06.432Z",
"dateReserved": "2023-09-24T14:06:15.230Z",
"dateUpdated": "2024-08-02T07:52:07.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29696 (GCVE-0-2023-29696)
Vulnerability from nvd – Published: 2023-05-08 00:00 – Updated: 2025-01-29 18:49
VLAI?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function version_set.
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:14:39.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/aVersionSet.md"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-29696",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T18:48:57.369418Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T18:49:16.206Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function version_set."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-08T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/aVersionSet.md"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-29696",
"datePublished": "2023-05-08T00:00:00.000Z",
"dateReserved": "2023-04-07T00:00:00.000Z",
"dateUpdated": "2025-01-29T18:49:16.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29693 (GCVE-0-2023-29693)
Vulnerability from nvd – Published: 2023-05-08 00:00 – Updated: 2025-01-29 18:49
VLAI?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function set_tftp_upgrad.
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:14:39.794Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/SetTftpUpgrad.md"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-29693",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T18:49:48.238873Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T18:49:52.539Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function set_tftp_upgrad."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-08T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/SetTftpUpgrad.md"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-29693",
"datePublished": "2023-05-08T00:00:00.000Z",
"dateReserved": "2023-04-07T00:00:00.000Z",
"dateUpdated": "2025-01-29T18:49:52.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37074 (GCVE-0-2022-37074)
Vulnerability from nvd – Published: 2022-08-25 14:00 – Updated: 2024-08-03 10:21
VLAI?
Summary
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function switch_debug_info_set.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.782Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function switch_debug_info_set."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-25T14:00:28",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-37074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function switch_debug_info_set."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/11",
"refsource": "MISC",
"url": "https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-37074",
"datePublished": "2022-08-25T14:00:28",
"dateReserved": "2022-08-01T00:00:00",
"dateUpdated": "2024-08-03T10:21:32.782Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}