CVE-2025-3546

HIGH

H3C Magic Nx15 Firmware < 100r014 - Command Injection

Title source: rule

Description

A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been declared as critical. Affected by this vulnerability is the function FCGI_CheckStringIfContainsSemicolon of the file /api/wizard/getLanguage of the component HTTP POST Request Handler. The manipulation leads to command injection. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.

References (6)

[Broken Link] https://gist.github.com/isstabber/154661f329e4ae6bfe15dcdc0b932ff3

[Permissions Required, VDB Entry] https://vuldb.com/?ctiid.304585

[Third Party Advisory, VDB Entry] https://vuldb.com/?id.304585

[Third Party Advisory, VDB Entry] https://vuldb.com/?submit.524745

[Product] https://www.h3c.com/cn/Service/Document_Software/Software_Download/Consume_product/

[Vendor Advisory] https://zhiliao.h3c.com/theme/details/229784

Scores

CVSS v3 8.0

EPSS 0.0107

EPSS Percentile 77.5%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-74 CWE-77

Status published

Affected Products (5)

h3c/magic_nx15_firmware < 100r014

h3c/magic_nx30_pro_firmware < 100r014

h3c/magic_nx400_firmware < 100r014

h3c/magic_r3010_firmware < 100r014

h3c/magic_be18000_firmware < 100r014

Timeline

Published Apr 14, 2025

Tracked Since Feb 18, 2026