CVE-2022-34598

CRITICAL

H3C Magic R100 V200R004 and V100R005 - Remote Code Execution via udpserver on Port 9034

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-34598. PoCs published by Squirre17.

AI-analyzed exploit summary This repository contains a functional Python exploit for CVE-2022-34598, targeting a backdoor in H3C routers. The exploit sends a UDP packet to port 9034 with a command payload, demonstrating remote command execution (RCE) without authentication.

Description

The udpserver in H3C Magic R100 V200R004 and V100R005 has the 9034 port opened, allowing attackers to execute arbitrary commands.

Exploits (1)

gitlab WORKING POC

by Squirre17 · poc

https://gitlab.com/Squirre17/cve-2022-34598

View Code ZIP pw:eip

This repository contains a functional Python exploit for CVE-2022-34598, targeting a backdoor in H3C routers. The exploit sends a UDP packet to port 9034 with a command payload, demonstrating remote command execution (RCE) without authentication.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: H3C routers (specific version not specified)

No auth needed

Prerequisites: Network access to the target router · UDP port 9034 accessible

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 23, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

https://github.com/zhefox/IOT_Vul/tree/main/H3C/H3CR100/1

Scores

CVSS v3 9.8

EPSS 0.0531

EPSS Percentile 91.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (2)

h3c/magic_r100_firmware v100r005

h3c/magic_r100_firmware v200r004

Published Jul 06, 2022

Tracked Since Feb 18, 2026