Vulnerabilities > H3C > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-08-16 CVE-2024-42638 Use of Hard-coded Credentials vulnerability in H3C Magic B1St Firmware 100R012
H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root.
network
low complexity
h3c CWE-798
critical
 9.8
9.8
2023-05-12 CVE-2023-2676 Stack-based Buffer Overflow vulnerability in H3C Magic R160 Firmware 100R004
A vulnerability, which was classified as critical, has been found in H3C R160 V1004004.
network
low complexity
h3c CWE-121
critical
 9.8
9.8
2023-05-08 CVE-2023-29693 Out-of-bounds Write vulnerability in H3C Gr-1200W Firmware Minigrw1A0V100R006
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function set_tftp_upgrad.
network
low complexity
h3c CWE-787
critical
 9.8
9.8
2023-05-08 CVE-2023-29696 Out-of-bounds Write vulnerability in H3C Gr-1200W Firmware Minigrw1A0V100R006
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function version_set.
network
low complexity
h3c CWE-787
critical
 9.8
9.8
2023-02-22 CVE-2023-24093 Improper Authentication vulnerability in H3C A210-G Firmware A210Gv100R005
An access control issue in H3C A210-G A210-GV100R005 allows attackers to authenticate without a password.
network
low complexity
h3c CWE-287
critical
 9.8
9.8
2022-12-27 CVE-2022-45963 Unspecified vulnerability in H3C products
h3c firewall <= 3.10 ESS6703 has a privilege bypass vulnerability.
network
low complexity
h3c
critical
 9.8
9.8
2022-08-25 CVE-2022-37070 OS Command Injection vulnerability in H3C Gr-1200W Firmware
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList.
network
low complexity
h3c CWE-78
critical
 9.8
9.8
2022-06-08 CVE-2022-30909 Out-of-bounds Write vulnerability in H3C Magic R100 Firmware
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the CMD parameter at /goform/aspForm.
network
low complexity
h3c CWE-787
critical
 10.0
10
2022-06-08 CVE-2022-30910 Out-of-bounds Write vulnerability in H3C Magic R100 Firmware
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the GO parameter at /goform/aspForm.
network
low complexity
h3c CWE-787
critical
 10.0
10
2022-06-08 CVE-2022-30912 Out-of-bounds Write vulnerability in H3C Magic R100 Firmware
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateWanParams parameter at /goform/aspForm.
network
low complexity
h3c CWE-787
critical
 10.0
10