Vulnerabilities > H3C

DATE CVE VULNERABILITY TITLE RISK
2022-07-20 CVE-2022-34604 Out-of-bounds Write vulnerability in H3C Magic R200 Firmware R200V200R004L02
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /dotrace.asp.
network
low complexity
h3c CWE-787
critical
9.8
2022-07-20 CVE-2022-34605 Out-of-bounds Write vulnerability in H3C Magic R200 Firmware R200V200R004L02
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /dotrace.asp.
network
low complexity
h3c CWE-787
critical
9.8
2022-07-20 CVE-2022-34606 Out-of-bounds Write vulnerability in H3C Magic R200 Firmware R200V200R004L02
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditvsList parameter at /dotrace.asp.
network
low complexity
h3c CWE-787
critical
9.8
2022-07-20 CVE-2022-34607 Out-of-bounds Write vulnerability in H3C Magic R200 Firmware R200V200R004L02
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /doping.asp.
network
low complexity
h3c CWE-787
critical
9.8
2022-07-20 CVE-2022-34608 Out-of-bounds Write vulnerability in H3C Magic R200 Firmware R200V200R004L02
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ajaxmsg parameter at /AJAX/ajaxget.
network
low complexity
h3c CWE-787
critical
9.8
2022-07-20 CVE-2022-34609 Out-of-bounds Write vulnerability in H3C Magic R200 Firmware R200V200R004L02
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /doping.asp.
network
low complexity
h3c CWE-787
critical
9.8
2022-07-20 CVE-2022-34610 Out-of-bounds Write vulnerability in H3C Magic R200 Firmware R200V200R004L02
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the URL /ihomers/app.
network
low complexity
h3c CWE-787
critical
9.8
2022-07-11 CVE-2022-35416 Cross-site Scripting vulnerability in H3C SSL VPN
H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS.
network
low complexity
h3c CWE-79
6.1
2022-07-06 CVE-2022-34598 Unspecified vulnerability in H3C Magic R100 Firmware V100R005/V200R004
The udpserver in H3C Magic R100 V200R004 and V100R005 has the 9034 port opened, allowing attackers to execute arbitrary commands.
network
low complexity
h3c
critical
9.8
2022-06-08 CVE-2022-30909 Out-of-bounds Write vulnerability in H3C Magic R100 Firmware V100R005
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the CMD parameter at /goform/aspForm.
network
low complexity
h3c CWE-787
critical
9.8