CVE-2023-33629
HIGH EXPLOITED NUCLEIH3C Magic R300 <R300-2100MV100R004 - Buffer Overflow
Title source: llmExploitation Summary
CVE-2023-33629 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm.
Nuclei Templates (1)
H3C Magic R300-2100M - Remote Code Execution
HIGHVERIFIEDby DhiyaneshDK
FOFA:
app="H3C-Ent-Router" || app="h3c-ent-router"
References (1)
Core 1
Core References
Various Sources
https://hackmd.io/%400dayResearch/r1UjggZfh
Scores
CVSS v3
7.2
EPSS
0.0435
EPSS Percentile
90.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
VulnCheck KEV
2025-06-07
CWE
CWE-787
Status
published
Products (1)
h3c/magic_r300-2100m_firmware
r300-2100mv100r004
Published
May 31, 2023
Tracked Since
Feb 18, 2026