Vulnerabilities > H3C

DATE CVE VULNERABILITY TITLE RISK
2023-04-07 CVE-2023-27806 Out-of-bounds Write vulnerability in H3C Magic R100 Firmware V100R005
H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_dellist interface at /goform/aspForm.
network
low complexity
h3c CWE-787
4.9
4.9
2023-04-07 CVE-2023-27807 Out-of-bounds Write vulnerability in H3C Magic R100 Firmware V100R005
H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm.
network
low complexity
h3c CWE-787
4.9
4.9
2023-04-07 CVE-2023-27808 Out-of-bounds Write vulnerability in H3C Magic R100 Firmware V100R005
H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm.
network
low complexity
h3c CWE-787
4.9
4.9
2023-04-07 CVE-2023-27810 Out-of-bounds Write vulnerability in H3C Magic R100 Firmware V100R005
H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm.
network
low complexity
h3c CWE-787
4.9
4.9
2023-02-22 CVE-2023-24093 Improper Authentication vulnerability in H3C A210-G Firmware A210Gv100R005
An access control issue in H3C A210-G A210-GV100R005 allows attackers to authenticate without a password.
network
low complexity
h3c CWE-287
critical
 9.8
9.8
2022-12-27 CVE-2022-45963 Unspecified vulnerability in H3C products
h3c firewall <= 3.10 ESS6703 has a privilege bypass vulnerability.
network
low complexity
h3c
critical
 9.8
9.8
2022-08-25 CVE-2022-36509 OS Command Injection vulnerability in H3C Gr3200 Firmware Minigr1B0V100R014
H3C GR3200 MiniGR1B0V100R014 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList.
local
low complexity
h3c CWE-78
7.8
7.8
2022-08-25 CVE-2022-36510 OS Command Injection vulnerability in H3C Gr2200 Firmware Minigr1A0V100R014
H3C GR2200 MiniGR1A0V100R014 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList.
local
low complexity
h3c CWE-78
7.8
7.8
2022-08-25 CVE-2022-37070 OS Command Injection vulnerability in H3C Gr-1200W Firmware
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList.
network
low complexity
h3c CWE-78
critical
 9.8
9.8
2022-07-11 CVE-2022-35416 Cross-site Scripting vulnerability in H3C SSL VPN
H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS.
network
h3c CWE-79
4.3
4.3