CVE-2024-57479

CRITICAL

9.8

Descripcion

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address update function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs.

Detalles CVE

Puntuacion CVSS v3.19.8

SeveridadCRITICAL

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosNONE

Interaccion usuarioNONE

Publicado1/14/2025

Ultima modificacion5/27/2025

Fuentenvd

Avistamientos honeypot0

Productos afectados

h3c:n12h3c:n12_firmware

Debilidades (CWE)

CWE-120

Referencias

http://h3c.com(cve@mitre.org)

https://gist.github.com/XiaoCurry/c7214be67a44a4a8858c5138ecd05984(cve@mitre.org)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.