H3C GR-5400AX Buffer Overflow Vulnerability in UpdateWanparamsMulti and UpdateIpv6params Functions
Vulnerability
A critical buffer overflow vulnerability has been identified in the H3C GR-5400AX router, specifically in the V100R009L50 release. The issue arises within the UpdateWanparamsMulti and UpdateIpv6params functions, located in the /routing/goform/aspForm file. The vulnerability can be exploited remotely by manipulating the 'param' argument, leading to a buffer overflow condition. This flaw has been publicly disclosed, and an exploit is available.
Impact
Exploitation of this vulnerability causes a buffer overflow, which can lead to a denial-of-service condition or potentially allow for arbitrary code execution.
Reproduction
The vulnerability can be reproduced by sending a crafted request to the /routing/goform/aspForm endpoint, specifically targeting the UpdateWanparamsMulti or UpdateIpv6params functions. The 'param' argument must be manipulated to trigger the buffer overflow. This can be done remotely, taking advantage of the router's exposed management interface.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.