VYPR
Vendor

H3c

Products
7
CVEs
20
Across products
22
Status
Private

Products

7

Recent CVEs

20
  • CVE-2024-52765CriNov 20, 2024
    risk 0.65cvss 9.8epss 0.11

    H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm parameter.

  • CVE-2025-6090HigJun 15, 2025
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in H3C GR-5400AX V100R009L50 and classified as critical. This issue affects the function UpdateWanparamsMulti/UpdateIpv6params of the file /routing/goform/aspForm. The manipulation of the argument param leads to buffer overflow. The attack may be…

  • CVE-2025-5156HigMay 25, 2025
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in H3C GR-5400AX up to 100R008 and classified as critical. Affected by this issue is the function EditWlanMacList of the file /routing/goform/aspForm. The manipulation of the argument param leads to buffer overflow. The attack may be launched remotely.…

  • CVE-2025-2725HigMar 25, 2025
    risk 0.53cvss 8.0epss 0.09

    A vulnerability classified as critical was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. Affected by this vulnerability is an unknown functionality of the file /api/login/auth of the component HTTP POST Request Handler. The…

  • CVE-2025-4446HigMay 9, 2025
    risk 0.52cvss 8.0epss 0.01

    A vulnerability has been found in H3C GR-5400AX up to 100R008 and classified as critical. This vulnerability affects the function Edit_List_SSID of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. The attack needs to be approached within…

  • CVE-2025-4440HigMay 8, 2025
    risk 0.52cvss 8.0epss 0.01

    A vulnerability was found in H3C GR-1800AX up to 100R008 and classified as critical. Affected by this issue is the function EnableIpv6 of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. Access to the local network is required for this…

  • CVE-2025-3546HigApr 14, 2025
    risk 0.52cvss 8.0epss 0.02

    A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been declared as critical. Affected by this vulnerability is the function FCGI_CheckStringIfContainsSemicolon of the file /api/wizard/getLanguage of the…

  • CVE-2025-3545HigApr 14, 2025
    risk 0.52cvss 8.0epss 0.01

    A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been classified as critical. Affected is the function FCGI_CheckStringIfContainsSemicolon of the file /api/wizard/setLanguage of the component HTTP POST…

  • CVE-2025-3544HigApr 14, 2025
    risk 0.52cvss 8.0epss 0.01

    A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014 and classified as critical. This issue affects the function FCGI_CheckStringIfContainsSemicolon of the file /api/wizard/getCapabilityWeb of the component HTTP…

  • CVE-2025-2732HigMar 25, 2025
    risk 0.52cvss 8.0epss 0.01

    A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/wizard/getWifiNeighbour of the component HTTP POST Request…

  • CVE-2025-2730HigMar 25, 2025
    risk 0.52cvss 8.0epss 0.01

    A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been classified as critical. Affected is an unknown function of the file /api/wizard/getssidname of the component HTTP POST Request Handler. The…

  • CVE-2025-2726HigMar 25, 2025
    risk 0.52cvss 8.0epss 0.01

    A vulnerability, which was classified as critical, has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. Affected by this issue is some unknown functionality of the file /api/esps of the component HTTP POST Request Handler.…

  • CVE-2025-5162MedMay 26, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability, which was classified as critical, has been found in H3C SecCenter SMP-E1114P02 up to 20250513. Affected by this issue is some unknown functionality of the file /safeEvent/importFile/. The manipulation of the argument logGeneralFile/logGeneralFile_2 leads to…

  • CVE-2023-2676MedMay 12, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability, which was classified as critical, has been found in H3C R160 V1004004. Affected by this issue is some unknown functionality of the file /goForm/aspForm. The manipulation of the argument go leads to stack-based buffer overflow. The exploit has been disclosed to…

  • CVE-2025-5161MedMay 26, 2025
    risk 0.28cvss 4.3epss 0.01

    A vulnerability classified as problematic was found in H3C SecCenter SMP-E1114P02 up to 20250513. Affected by this vulnerability is the function operationDailyOut of the file /safeEvent/download. The manipulation of the argument filename leads to path traversal. The attack can…

  • CVE-2025-5160MedMay 26, 2025
    risk 0.28cvss 4.3epss 0.01

    A vulnerability classified as problematic has been found in H3C SecCenter SMP-E1114P02 up to 20250513. Affected is the function Download of the file /packetCaptureStrategy/download. The manipulation of the argument Name leads to path traversal. It is possible to launch the…

  • CVE-2025-5159MedMay 26, 2025
    risk 0.28cvss 4.3epss 0.01

    A vulnerability was found in H3C SecCenter SMP-E1114P02 up to 20250513. It has been rated as problematic. This issue affects the function Download of the file /cfgFile/1/download. The manipulation of the argument Name leads to path traversal. The attack may be initiated…

  • CVE-2025-5158MedMay 25, 2025
    risk 0.28cvss 4.3epss 0.01

    A vulnerability was found in H3C SecCenter SMP-E1114P02 up to 20250513. It has been declared as problematic. This vulnerability affects the function downloadSoftware of the file /cfgFile/downloadSoftware. The manipulation of the argument filename leads to path traversal. The…

  • CVE-2025-5157MedMay 25, 2025
    risk 0.28cvss 4.3epss 0.01

    A vulnerability was found in H3C SecCenter SMP-E1114P02 up to 20250513. It has been classified as critical. This affects the function fileContent of the file /cfgFile/fileContent. The manipulation of the argument filePath leads to path traversal. It is possible to initiate the…

  • CVE-2023-5142LowSep 24, 2023
    risk 0.24cvss 3.7epss 0.02

    A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file…