CVE-2025-10942

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions H3C Magic B3 versions up to 100R002

Description A flaw exists in H3C Magic B3 that allows for remote buffer overflow. The issue is related to the AddMacList function within the /goform/aspForm file. Manipulation of the param argument can trigger the overflow. The exploit is publicly available.

Recommendations Versions up to 100R002 should be updated to a newer, secure version when available. As a temporary workaround, consider restricting access to the /goform/aspForm file. Avoid using the param argument in the AddMacList function until the issue is resolved.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-120

Related Identifiers

BDU:2026-02068

CVE-2025-10942

Affected Products

H3C Magic B3

CVE-2025-10942

Weakness Enumeration

Related Identifiers

Affected Products

References · 13