CVE-2023-27805
MEDIUMH3C Magic R100 R100V100R005.bin - Stack Overflow via EditSTList Interface
Title source: llmDescription
H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.
References (1)
Core 1
Core References
Various Sources
https://hackmd.io/%400dayResearch/EditSTList
Scores
CVSS v3
4.9
EPSS
0.0038
EPSS Percentile
59.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-787
Status
published
Products (1)
h3c/magic_r100_firmware
v100r005
Published
Apr 07, 2023
Tracked Since
Feb 18, 2026