Primary

Context

H3C Magic B1 Buffer Overflow Vulnerability in 5G SSID Edit Function

Vulnerability

A buffer overflow vulnerability has been identified in the H3C Magic B1 router, affecting firmware versions up to 100R004. The issue arises in the function 'Edit_BasicSSID_5G' within the file '/goform/aspForm'. The vulnerability can be exploited remotely by manipulating the 'param' argument, leading to potential denial-of-service conditions or even remote code execution.

Impact

Exploitation of this vulnerability causes a buffer overflow, which can disrupt normal device operation or be leveraged for remote code execution.

Reproduction

The vulnerability can be reproduced by sending a POST request to '/goform/aspForm' with the 'CMD' parameter set to 'Edit_BasicSSID_5G'. The 'param' parameter must be filled with a payload that exceeds the buffer length, effectively causing the overflow.

Added: Mar 8, 2026, 5:22 AM

Updated: Mar 8, 2026, 5:22 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

3.8

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

3.8

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

H3C Magic B1 Buffer Overflow Vulnerability in 5G SSID Edit Function

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating