Primary

Context

H3C GR-5400AX Buffer Overflow Vulnerability in EditWlanMacList Function

Vulnerability

A critical buffer overflow vulnerability has been identified in the H3C GR-5400AX router, specifically in versions up to 100R008. The issue arises in the EditWlanMacList function within the /routing/goform/aspForm file. The vulnerability can be exploited remotely by manipulating the 'param' argument, leading to potential denial-of-service conditions or even remote code execution.

Impact

Exploitation of this vulnerability causes a buffer overflow, which can disrupt normal device operation and potentially allow for arbitrary code execution.

Reproduction

To reproduce this vulnerability, send a request to the /routing/goform/aspForm endpoint with a crafted 'param' argument that exceeds the buffer size. This can be done using a variety of tools that allow for HTTP request manipulation.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

H3C GR-5400AX Buffer Overflow Vulnerability in EditWlanMacList Function

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating