CVSS: 5.3EPSS: 0%CPEs: 30EXPL: 3CVE-2023-5142 – H3C ER6300G2 Config File userLogin.asp path traversal
https://notcve.org/view.php?id=CVE-2023-5142
24 Sep 2023 — A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. • https://github.com/kuangxiaotu/CVE-H3C-Report • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-29693
https://notcve.org/view.php?id=CVE-2023-29693
08 May 2023 — H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function set_tftp_upgrad. • https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/SetTftpUpgrad.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-29696
https://notcve.org/view.php?id=CVE-2023-29696
08 May 2023 — H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function version_set. • https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/aVersionSet.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-37074
https://notcve.org/view.php?id=CVE-2022-37074
25 Aug 2022 — H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function switch_debug_info_set. Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la función switch_debug_info_set. • https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/11 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-37072
https://notcve.org/view.php?id=CVE-2022-37072
25 Aug 2022 — H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanLinkspyMulti. Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la función UpdateWanLinkspyMulti. • https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/16 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-36519
https://notcve.org/view.php?id=CVE-2022-36519
25 Aug 2022 — H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function AddWlanMacList. Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la función AddWlanMacList. • https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/9 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-37071
https://notcve.org/view.php?id=CVE-2022-37071
25 Aug 2022 — H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateOne2One. Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la función UpdateOne2One. • https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/18 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-37073
https://notcve.org/view.php?id=CVE-2022-37073
25 Aug 2022 — H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanModeMulti. Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la función UpdateWanModeMulti. • https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/13 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 5%CPEs: 2EXPL: 1CVE-2022-37070
https://notcve.org/view.php?id=CVE-2022-37070
25 Aug 2022 — H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList. Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene una vulnerabilidad de inyección de comandos por medio del parámetro param en DelL2tpLNSList. • https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/19 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-37069
https://notcve.org/view.php?id=CVE-2022-37069
25 Aug 2022 — H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateSnat. Se ha detectado que H3C GR-1200W MiniGRW1A0V100R006, contiene un desbordamiento de pila por medio de la función UpdateSnat. • https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/12 • CWE-787: Out-of-bounds Write •