CVE-2024-57482

CRITICAL

H3C N12 Firmware - Buffer Overflow

Title source: rule

Description

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 5G wireless network processing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs.

References (2)

[Product] http://h3c.com

[Broken Link] https://gist.github.com/XiaoCurry/d39f76a025df8b78a5f9e1aa48c16d18

Scores

CVSS v3 9.8

EPSS 0.0033

EPSS Percentile 55.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-120

Status published

Affected Products (1)

h3c/n12_firmware

Timeline

Published Jan 14, 2025

Tracked Since Feb 18, 2026