PT-2023-22467 · H3C · H3C Magic R200
Published
2023-04-21
·
Updated
2023-05-02
·
CVE-2023-29910
CVSS v3.1
4.9
Medium
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
H3C Magic R200 version R200V100R004
Description
A stack overflow issue was discovered via the UpdateMacClone interface at the "/goform/aspForm" API endpoint. This issue affects the specified version of the H3C Magic R200.
Recommendations
For H3C Magic R200 version R200V100R004, consider disabling access to the "/goform/aspForm" API endpoint until a patch is available. Restricting the use of the UpdateMacClone interface can also help minimize the risk of exploitation.
Exploit
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
H3C Magic R200