Отправить #520499: H3C Technologies Co., Ltd. H3C Magic NX15\H3C NX400\H3C Magic R3010\H3C Magic BE18000\H3C Magic NX30 Pro <=V100R014 (Taking NX15 as an example.) Remote command executionИнформация

НазваниеH3C Technologies Co., Ltd. H3C Magic NX15\H3C NX400\H3C Magic R3010\H3C Magic BE18000\H3C Magic NX30 Pro <=V100R014 (Taking NX15 as an example.) Remote command execution
ОписаниеIn the H3C Magic series products, including H3C Magic NX15, H3C NX400, H3C Magic R3010, H3C Magic BE18000, and H3C Magic NX30 Pro, an attacker can send a specially crafted POST packet to the /api/wizard/getWifiNeighbour route without authorization, allowing them to obtain the highest privileges on the device.
Источник⚠️ https://github.com/Qwen11/CVE_store/blob/main/H3C/vulnerability%20Information_4.md
Пользователь
 Qwen (UID 82796)
Представление14.03.2025 10:47 (1 Год назад)
Модерация24.03.2025 13:59 (10 days later)
Статуспринято
Запись VulDB300752 [H3C Magic BE18000 до V100R014 HTTP POST Request getWifiNeighbour эскалация привилегий]
Баллы17

ПредыдущийОбзорДалее

Might our Artificial Intelligence support you?

Check our Alexa App!