CVE-2024-57479

CRITICAL

9.8

Beschreibung

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address update function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs.

CVE Details

CVSS v3.1 Bewertung9.8

SchweregradCRITICAL

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht1/14/2025

Zuletzt geandert5/27/2025

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

h3c:n12h3c:n12_firmware

Schwachen (CWE)

CWE-120

Referenzen

http://h3c.com(cve@mitre.org)

https://gist.github.com/XiaoCurry/c7214be67a44a4a8858c5138ecd05984(cve@mitre.org)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.