CVE-2022-34598

CRITICAL

H3C Magic R100 - Command Injection

Title source: llm

Description

The udpserver in H3C Magic R100 V200R004 and V100R005 has the 9034 port opened, allowing attackers to execute arbitrary commands.

Exploits (1)

gitlab WORKING POC
by Squirre17 · poc
https://gitlab.com/Squirre17/cve-2022-34598

References (1)

Scores

CVSS v3 9.8
EPSS 0.8430
EPSS Percentile 99.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (2)
h3c/magic_r100_firmware v100r005
h3c/magic_r100_firmware v200r004
Published Jul 06, 2022
Tracked Since Feb 18, 2026