H3C Magic Products Command Injection Vulnerability

A command injection vulnerability has been identified in several H3C Magic router models, including the NX15, NX30 Pro, NX400, R3010, and BE18000, all prior to specific version releases. The vulnerability resides in an unknown function of the file '/api/wizard/getssidname', within the HTTP POST Request Handler component. This issue allows for unauthorized command execution, but can only be exploited from within the local network.

Impact

Exploitation of this vulnerability allows for unauthorized command execution on the affected device, potentially leading to unauthorized access or control over the device.

Reproduction

To reproduce this vulnerability, an authenticated user must send a crafted HTTP POST request to the '/api/wizard/getssidname' endpoint. This can be done using tools like curl or Postman, or through a custom script that automates the process. The request must be sent from within the local network, as the vulnerability cannot be exploited remotely.

Remediation

Users are advised to upgrade to the latest version of the firmware. The upgrade is available on the H3C website.