H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address editing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs.
The vulnerability (CWE-120) consists of a lack of data length validation passed to the MAC address editing function in the device software. An attacker sends a specially crafted HTTP POST request to the /bin/webs endpoint, which causes a buffer overflow in memory. As a result, it is possible to both crash the process (denial of service) and execute arbitrary code on the target device (RCE).
An attacker can remotely execute arbitrary commands on the device (RCE) or cause its failure and unavailability. Due to the lack of authentication and user interaction requirements, the attack can be performed fully automatically.
Apply patches available from the manufacturer according to references. Until the update is performed, it is recommended to restrict access to the device management interface only to trusted hosts (e.g., through firewall or ACL) and disable access to the admin panel from public networks.
H3C N12 with software version V100R005
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HH3c N12
HWH3Cwszystkie wersjeH3c N12 Firmware
OSH3C100r005
Related vulnerabilities
Buffer overflow w H3C N12 — RCE przez sieć bezprzewodową 2.4G
Buffer overflow w H3C N12 — zdalne wykonanie kodu przez funkcję aktualizacji MAC
Buffer overflow w H3C N12 — RCE przez brak walidacji długości danych
Buffer overflow w H3C N12 — RCE przez POST request do /bin/webs
Błędna konfiguracja vsftpd w H3C M102G i BA1500L — przejęcie uprawnień root