H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the AP configuration function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs.
The vulnerability stems from the lack of verification of input data length in the AP configuration function handled by the /bin/webs web server. An attacker sends a specially crafted HTTP POST request to the /bin/webs endpoint, passing data that exceeds the allocated memory buffer. Buffer overflow (CWE-120) allows overwriting memory areas and gaining control over the program's execution flow, which may result in arbitrary code execution (RCE) or device crash.
An attacker can remotely execute arbitrary system commands on the device (RCE) or cause it to crash, leading to service unavailability. The attack requires no authentication or user interaction.
Apply patches available from the manufacturer according to the references. Until the update is applied, it is recommended to restrict access to the device's web interface only to trusted networks/IP addresses and block external access to the /bin/webs endpoint through a firewall.
H3C N12 with firmware version V100R005
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HH3c N12
HWH3Cwszystkie wersjeH3c N12 Firmware
OSH3C100r005
Related vulnerabilities
Buffer overflow w H3C N12 — RCE przez sieć bezprzewodową 2.4G
Buffer overflow w H3C N12 – RCE przez funkcję edycji adresu MAC
Buffer overflow w H3C N12 — zdalne wykonanie kodu przez funkcję aktualizacji MAC
Buffer overflow w H3C N12 — RCE przez POST request do /bin/webs
Błędna konfiguracja vsftpd w H3C M102G i BA1500L — przejęcie uprawnień root