提交 #520390: H3C Technologies Co., Ltd. H3C Magic NX15\H3C NX400\H3C Magic R3010\H3C Magic BE18000\H3C Magic NX30 Pro <=V100R014 Remote code execution信息

标题H3C Technologies Co., Ltd. H3C Magic NX15\H3C NX400\H3C Magic R3010\H3C Magic BE18000\H3C Magic NX30 Pro <=V100R014 Remote code execution
描述In the H3C Magic series products, H3C Magic NX15 allows an attacker to send a specially crafted POST request to the /api/login/auth route without authorization, enabling remote code execution with the highest privileges.
来源⚠️ https://github.com/ZIKH26/CVE-information/blob/master/H3C/Vulnerability%20Information_1.md
用户
 ZIKH26 (UID 61938)
提交2025-03-14 06時40分 (1 年前)
管理2025-03-24 13時59分 (10 days later)
状态已接受
VulDB条目300745 [H3C Magic BE18000 直到 V100R014 HTTP POST Request /api/login/auth 权限提升]
积分16

上一步一览下一步

Do you need the next level of professionalism?

Upgrade your account now!