CVE-2023-27807 in Magic R100info

Summary

by MITRE • 04/07/2023

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Analysis

by VulDB Data Team • 11/25/2025

The CVE-2023-27807 vulnerability represents a critical stack overflow flaw within the H3C Magic R100 wireless router firmware version R100V100R005. This vulnerability specifically targets the Delstlist interface located at the /goform/aspForm endpoint, which serves as a web-based administrative interface for managing device configurations. The flaw arises from inadequate input validation and memory management within the firmware's web server implementation, creating a pathway for remote attackers to exploit the device's memory handling mechanisms. The vulnerability is particularly concerning as it affects a widely deployed networking device that serves as a critical access point for numerous enterprise and residential networks.

The technical exploitation of this vulnerability occurs through the manipulation of parameters sent to the Delstlist interface, which processes user input without proper bounds checking or stack buffer validation. When an attacker crafts a malicious payload containing excessive data or malformed input parameters, the firmware's processing routine fails to properly handle the input, leading to a stack overflow condition. This memory corruption event typically results in the device's web server process crashing or becoming unresponsive, effectively causing a denial of service condition that disrupts network connectivity for all users relying on the affected router. The vulnerability falls under CWE-121 Stack-based Buffer Overflow, which is classified as a high-severity issue in the Common Weakness Enumeration catalog due to its potential for remote code execution and system instability.

The operational impact of CVE-2023-27807 extends beyond simple service disruption, as it can compromise network availability and potentially provide attackers with opportunities for further exploitation within the local network environment. Network administrators may experience unexpected service interruptions that could affect business operations, particularly in environments where the router serves as a primary network gateway. The vulnerability's remote exploitability means that attackers can target affected devices from outside the network perimeter without requiring physical access or prior authentication. This characteristic aligns with ATT&CK technique T1210, which describes exploitation of remote services through the use of vulnerabilities in network infrastructure components. The DoS condition created by this flaw can persist until the device is manually rebooted or the firmware is updated, potentially creating extended periods of network unavailability.

Mitigation strategies for this vulnerability should prioritize immediate firmware updates from H3C, as the vendor has likely released patches addressing the stack overflow issue. Network administrators should implement network segmentation to limit the potential impact of exploitation and deploy intrusion detection systems to monitor for suspicious traffic patterns targeting the affected interface. Additionally, disabling unnecessary web management interfaces and implementing strict access controls can reduce the attack surface. The vulnerability demonstrates the importance of secure coding practices in embedded systems and highlights the need for regular security assessments of network infrastructure devices. Organizations should also consider implementing network monitoring solutions that can detect abnormal behavior patterns indicative of exploitation attempts, as the stack overflow may be used as a precursor to more sophisticated attacks targeting the underlying system architecture.

Reservation

03/05/2023

Disclosure

04/07/2023

Moderation

accepted

CPE

ready

EPSS

0.00787

KEV

no

Activities

very low

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!