CVE-2002-2300

3Com NBX 4.0.17 and 4.1.4 - Denial of Service via Long CEL Command

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-2300. PoCs published by Michael S. Scheidell.

AI-analyzed exploit summary The exploit describes a denial of service vulnerability in the ftpd server of 3Com Superstack 3 NBX IP phones by sending an excessively long CEL parameter. The issue may also allow arbitrary code execution under certain conditions.

Description

Buffer overflow in ftpd 5.4 in 3Com NBX 4.0.17 or ftpd 5.4.2 in 3Com NBX 4.1.4 allows remote attackers to cause a denial of service (crash) via a long CEL command.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Michael S. Scheidell · textdoshardware
https://www.exploit-db.com/exploits/22060

The exploit describes a denial of service vulnerability in the ftpd server of 3Com Superstack 3 NBX IP phones by sending an excessively long CEL parameter. The issue may also allow arbitrary code execution under certain conditions.

Classification
Writeup 80%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: 3Com Superstack 3 NBX IP phones ftpd server
No auth needed
Prerequisites: Network access to the vulnerable ftpd server
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (8)

Core 8
Core References
Exploit x_refsource_misc
http://www.secnap.com/alerts.php?pg=6
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/10739
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1005732
Mailing List mailing-list x_refsource_bugtraq
http://seclists.org/lists/bugtraq/2003/Apr/0344.html
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/317417
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6297
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=103886644126011&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1006760

Scores

EPSS 0.0503
EPSS Percentile 91.2%

Details

CWE
CWE-119
Status published
Products (3)
3com/webbngss3nbxnts 4.0.17
3com/webbngss3nbxnts 4.1.4
3com/webbngss3nbxnts 4.1.21
Published Dec 31, 2002
Tracked Since Feb 18, 2026