PT-2026-60347 · H3C · Secpath F1000-C8300

Bigbrother_Man

·

Publicado

2026-07-15

·

Atualizado

2026-07-16

·

CVE-2026-15907

CVSS v3.1

7.3

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
A flaw has been found in H3C SecPath F1000-C8300 up to 20260522. This impacts an unknown function of the file /webui/?g=log fw nbc mail jsondata. Executing a manipulation of the argument subject can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure and confirmed the existence of the vulnerability. A technical fix is planned to be released.

Exploit

Correção

SQL injection

Special Elements Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

CVE-2026-15907

Produtos afetados

Secpath F1000-C8300