Vulnerabilites related to h3c - gr-1800ax_firmware
cve-2023-5142
Vulnerability from cvelistv5
Published
2023-09-24 22:00
Modified
2024-08-02 07:52
Summary
A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References
https://vuldb.com/?id.240238vdb-entry, technical-description
https://vuldb.com/?ctiid.240238signature, permissions-required
https://github.com/yinsel/CVE-H3C-Reportbroken-link, exploit
https://github.com/CJCniubi666/H3C-ER/blob/main/README.mdrelated
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T07:52:07.533Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "technical-description",
                     "x_transferred",
                  ],
                  url: "https://vuldb.com/?id.240238",
               },
               {
                  tags: [
                     "signature",
                     "permissions-required",
                     "x_transferred",
                  ],
                  url: "https://vuldb.com/?ctiid.240238",
               },
               {
                  tags: [
                     "broken-link",
                     "exploit",
                     "x_transferred",
                  ],
                  url: "https://github.com/yinsel/CVE-H3C-Report",
               },
               {
                  tags: [
                     "related",
                     "x_transferred",
                  ],
                  url: "https://github.com/CJCniubi666/H3C-ER/blob/main/README.md",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               modules: [
                  "Config File Handler",
               ],
               product: "GR-1100-P",
               vendor: "H3C",
               versions: [
                  {
                     status: "affected",
                     version: "20230908",
                  },
               ],
            },
            {
               modules: [
                  "Config File Handler",
               ],
               product: "GR-1108-P",
               vendor: "H3C",
               versions: [
                  {
                     status: "affected",
                     version: "20230908",
                  },
               ],
            },
            {
               modules: [
                  "Config File Handler",
               ],
               product: "GR-1200W",
               vendor: "H3C",
               versions: [
                  {
                     status: "affected",
                     version: "20230908",
                  },
               ],
            },
            {
               modules: [
                  "Config File Handler",
               ],
               product: "GR-1800AX",
               vendor: "H3C",
               versions: [
                  {
                     status: "affected",
                     version: "20230908",
                  },
               ],
            },
            {
               modules: [
                  "Config File Handler",
               ],
               product: "GR-2200",
               vendor: "H3C",
               versions: [
                  {
                     status: "affected",
                     version: "20230908",
                  },
               ],
            },
            {
               modules: [
                  "Config File Handler",
               ],
               product: "GR-3200",
               vendor: "H3C",
               versions: [
                  {
                     status: "affected",
                     version: "20230908",
                  },
               ],
            },
            {
               modules: [
                  "Config File Handler",
               ],
               product: "GR-5200",
               vendor: "H3C",
               versions: [
                  {
                     status: "affected",
                     version: "20230908",
                  },
               ],
            },
            {
               modules: [
                  "Config File Handler",
               ],
               product: "GR-8300",
               vendor: "H3C",
               versions: [
                  {
                     status: "affected",
                     version: "20230908",
                  },
               ],
            },
            {
               modules: [
                  "Config File Handler",
               ],
               product: "ER2100n",
               vendor: "H3C",
               versions: [
                  {
                     status: "affected",
                     version: "20230908",
                  },
               ],
            },
            {
               modules: [
                  "Config File Handler",
               ],
               product: "ER2200G2",
               vendor: "H3C",
               versions: [
                  {
                     status: "affected",
                     version: "20230908",
                  },
               ],
            },
            {
               modules: [
                  "Config File Handler",
               ],
               product: "ER3200G2",
               vendor: "H3C",
               versions: [
                  {
                     status: "affected",
                     version: "20230908",
                  },
               ],
            },
            {
               modules: [
                  "Config File Handler",
               ],
               product: "ER3260G2",
               vendor: "H3C",
               versions: [
                  {
                     status: "affected",
                     version: "20230908",
                  },
               ],
            },
            {
               modules: [
                  "Config File Handler",
               ],
               product: "ER5100G2",
               vendor: "H3C",
               versions: [
                  {
                     status: "affected",
                     version: "20230908",
                  },
               ],
            },
            {
               modules: [
                  "Config File Handler",
               ],
               product: "ER5200G2",
               vendor: "H3C",
               versions: [
                  {
                     status: "affected",
                     version: "20230908",
                  },
               ],
            },
            {
               modules: [
                  "Config File Handler",
               ],
               product: "ER6300G2",
               vendor: "H3C",
               versions: [
                  {
                     status: "affected",
                     version: "20230908",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "reporter",
               value: "yinsel975 (VulDB User)",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",
            },
            {
               lang: "de",
               value: "In H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 bis 20230908 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /userLogin.asp der Komponente Config File Handler. Durch das Beeinflussen mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Die Komplexität eines Angriffs ist eher hoch. Das Ausnutzen gilt als schwierig. Der Exploit steht zur öffentlichen Verfügung.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 3.7,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
            },
            {
               cvssV3_0: {
                  baseScore: 3.7,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.0",
               },
            },
            {
               cvssV2_0: {
                  baseScore: 2.6,
                  vectorString: "AV:N/AC:H/Au:N/C:P/I:N/A:N",
                  version: "2.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-22",
                     description: "CWE-22 Path Traversal",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-02-13T08:03:35.039Z",
            orgId: "1af790b2-7ee1-4545-860a-a788eba489b5",
            shortName: "VulDB",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "technical-description",
               ],
               url: "https://vuldb.com/?id.240238",
            },
            {
               tags: [
                  "signature",
                  "permissions-required",
               ],
               url: "https://vuldb.com/?ctiid.240238",
            },
            {
               tags: [
                  "broken-link",
                  "exploit",
               ],
               url: "https://github.com/yinsel/CVE-H3C-Report",
            },
            {
               tags: [
                  "related",
               ],
               url: "https://github.com/CJCniubi666/H3C-ER/blob/main/README.md",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2023-09-24T00:00:00.000Z",
               value: "Advisory disclosed",
            },
            {
               lang: "en",
               time: "2023-09-24T00:00:00.000Z",
               value: "CVE reserved",
            },
            {
               lang: "en",
               time: "2023-09-24T02:00:00.000Z",
               value: "VulDB entry created",
            },
            {
               lang: "en",
               time: "2023-10-14T17:43:30.000Z",
               value: "VulDB entry last update",
            },
         ],
         title: "H3C ER6300G2 Config File userLogin.asp path traversal",
      },
   },
   cveMetadata: {
      assignerOrgId: "1af790b2-7ee1-4545-860a-a788eba489b5",
      assignerShortName: "VulDB",
      cveId: "CVE-2023-5142",
      datePublished: "2023-09-24T22:00:06.432Z",
      dateReserved: "2023-09-24T14:06:15.230Z",
      dateUpdated: "2024-08-02T07:52:07.533Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-52765
Vulnerability from cvelistv5
Published
2024-11-20 00:00
Modified
2024-11-26 16:52
Severity ?
Summary
H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm parameter.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:h:h3c:gr-1800ax:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "gr-1800ax",
                  vendor: "h3c",
                  versions: [
                     {
                        status: "affected",
                        version: "MiniGRW1B0V100R007",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-52765",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-26T16:50:47.167285Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-94",
                        description: "CWE-94 Improper Control of Generation of Code ('Code Injection')",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-26T16:52:41.239Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm parameter.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-11-20T20:41:39.260150",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               url: "http://tjr181.com/2024/11/08/H3C%20GR-1800AX/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2024-52765",
      datePublished: "2024-11-20T00:00:00",
      dateReserved: "2024-11-15T00:00:00",
      dateUpdated: "2024-11-26T16:52:41.239Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2023-09-24 22:15
Modified
2024-11-21 08:41
Summary
A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:h3c:gr-1100-p_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D840020D-2C49-4208-BA79-9BF9C4EBA4D9",
                     versionEndIncluding: "20230908",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:h3c:gr-1100-p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA2A23D8-5DF5-4647-AB32-AF86E117789F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:h3c:gr-1108-p_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A33D38D0-144E-4576-96F5-D184485EF455",
                     versionEndIncluding: "20230908",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:h3c:gr-1108-p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E432A5DB-5D0F-464F-8235-EB9543E3F06A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "94126EC2-0D0B-46F3-8CF6-3E1C42D7D100",
                     versionEndIncluding: "20230908",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:h3c:gr-1800ax_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "19B18747-B268-45AB-A254-64DCB72C109B",
                     versionEndIncluding: "20230908",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:h3c:gr-1800ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "435BF35B-1867-48E5-BC8C-3F868E9B419B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:h3c:gr-2200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "75F33539-7670-4732-B470-4AB11816E549",
                     versionEndIncluding: "20230908",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:h3c:gr-2200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8543B702-DF8C-435F-A39E-56C8043E4321",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:h3c:gr-3200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D94AFA76-7869-4B48-B22B-AAC0AE7D7960",
                     versionEndIncluding: "20230908",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:h3c:gr-3200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "945172AA-02BE-4538-952C-3F2EF9749810",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:h3c:gr-5200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D61370D-1950-4AA3-A6A2-CFE9A199CAE8",
                     versionEndIncluding: "20230908",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:h3c:gr-5200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55A3F347-7936-4966-9C0B-D61CC92BA85A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:h3c:gr-8300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A545124C-076D-46E7-96B2-4B8CFF2BEFB8",
                     versionEndIncluding: "20230908",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:h3c:gr-8300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AB46F02-E18F-4E67-A941-FE24C06C2CFC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:h3c:er3260g2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "60B2DE7C-598B-4002-BB42-EC2D7E129FBF",
                     versionEndIncluding: "20230908",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:h3c:er3260g2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6504103-D36F-499D-A6CE-1E952477B00F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:h3c:er5200g2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "39FEFC0A-4816-419E-830C-7D2AE5C95EEF",
                     versionEndIncluding: "20230908",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:h3c:er5200g2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC97A451-6C13-4805-BF52-9C424B898636",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:h3c:er3200g2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "88AC8D91-BA03-49AC-9FC7-2D3DA30E9D4D",
                     versionEndIncluding: "20230908",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:h3c:er3200g2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3126DFD1-B3D2-4F01-BDB6-D22E681E3228",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:h3c:er2100n_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "28BE8148-9573-4708-B5DE-6ED69AED6993",
                     versionEndIncluding: "20230908",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:h3c:er2100n:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "803C9117-16A7-4812-A530-82AE6B331147",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:h3c:er6300g2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A6F28D8-BA6D-497E-95AA-D35052FFBF6F",
                     versionEndIncluding: "20230908",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:h3c:er6300g2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3E9CE23F-9941-471E-82CE-0EE150608E04",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:h3c:er5100g2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DFDDB7BA-795A-4853-B3C6-3894DA11E69E",
                     versionEndIncluding: "20230908",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:h3c:er5100g2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "11594FE2-E591-4F06-9856-751DCF3F8949",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:h3c:er2200g2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "51A4E096-5A31-468B-B84B-9DDA123BEE2F",
                     versionEndIncluding: "20230908",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:h3c:er2200g2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DB4A4EC-8E98-4F3B-B116-925B15A9E5C1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad clasificada como problemática fue encontrada en H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2 , ER3260G2, ER5100G2, ER5200G2 y ER6300G2 hasta 20230908. Esta vulnerabilidad afecta a código desconocido del archivo /userLogin.asp del componente Config File Handler. La manipulación conduce al recorrido del camino. El ataque se puede iniciar de forma remota. La complejidad de un ataque es bastante alta. La explotación parece difícil. El exploit ha sido divulgado al público y puede utilizarse. VDB-240238 es el identificador asignado a esta vulnerabilidad. NOTA: Se contactó primeramente con el proveedor sobre esta divulgación, pero no respondió de ninguna manera.",
      },
   ],
   id: "CVE-2023-5142",
   lastModified: "2024-11-21T08:41:08.843",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "LOW",
            cvssData: {
               accessComplexity: "HIGH",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 2.6,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:H/Au:N/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 4.9,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "cna@vuldb.com",
            type: "Secondary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 3.7,
               baseSeverity: "LOW",
               confidentialityImpact: "LOW",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.2,
            impactScore: 1.4,
            source: "cna@vuldb.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-09-24T22:15:10.087",
   references: [
      {
         source: "cna@vuldb.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/CJCniubi666/H3C-ER/blob/main/README.md",
      },
      {
         source: "cna@vuldb.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/yinsel/CVE-H3C-Report",
      },
      {
         source: "cna@vuldb.com",
         tags: [
            "Permissions Required",
            "Third Party Advisory",
         ],
         url: "https://vuldb.com/?ctiid.240238",
      },
      {
         source: "cna@vuldb.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://vuldb.com/?id.240238",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/CJCniubi666/H3C-ER/blob/main/README.md",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/yinsel/CVE-H3C-Report",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Permissions Required",
            "Third Party Advisory",
         ],
         url: "https://vuldb.com/?ctiid.240238",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://vuldb.com/?id.240238",
      },
   ],
   sourceIdentifier: "cna@vuldb.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-22",
            },
         ],
         source: "cna@vuldb.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-22",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-11-20 21:15
Modified
2024-11-26 17:15
Severity ?
Summary
H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm parameter.
References
cve@mitre.orghttp://tjr181.com/2024/11/08/H3C%20GR-1800AX/Exploit, Third Party Advisory
Impacted products
Vendor Product Version
h3c gr-1800ax_firmware minigrw1b0v100r007
h3c gr-1800ax -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:h3c:gr-1800ax_firmware:minigrw1b0v100r007:*:*:*:*:*:*:*",
                     matchCriteriaId: "E84CC346-F77A-414F-A96B-C4621444B466",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:h3c:gr-1800ax:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "435BF35B-1867-48E5-BC8C-3F868E9B419B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm parameter.",
      },
      {
         lang: "es",
         value: "H3C GR-1800AX MiniGRW1B0V100R007 es vulnerable a la ejecución remota de código (RCE) a través del parámetro aspForm.",
      },
   ],
   id: "CVE-2024-52765",
   lastModified: "2024-11-26T17:15:25.557",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-11-20T21:15:08.783",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "http://tjr181.com/2024/11/08/H3C%20GR-1800AX/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-94",
            },
         ],
         source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
         type: "Secondary",
      },
   ],
}