Отправить #520390: H3C Technologies Co., Ltd. H3C Magic NX15\H3C NX400\H3C Magic R3010\H3C Magic BE18000\H3C Magic NX30 Pro <=V100R014 Remote code executionИнформация

НазваниеH3C Technologies Co., Ltd. H3C Magic NX15\H3C NX400\H3C Magic R3010\H3C Magic BE18000\H3C Magic NX30 Pro <=V100R014 Remote code execution
ОписаниеIn the H3C Magic series products, H3C Magic NX15 allows an attacker to send a specially crafted POST request to the /api/login/auth route without authorization, enabling remote code execution with the highest privileges.
Источник⚠️ https://github.com/ZIKH26/CVE-information/blob/master/H3C/Vulnerability%20Information_1.md
Пользователь
 ZIKH26 (UID 61938)
Представление14.03.2025 06:40 (1 Год назад)
Модерация24.03.2025 13:59 (10 days later)
Статуспринято
Запись VulDB300745 [H3C Magic BE18000 до V100R014 HTTP POST Request /api/login/auth эскалация привилегий]
Баллы16

ПредыдущийОбзорДалее

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!