CRITICAL🇵🇱 Wersja polska

CVE-2025-60262

CVSS 9.8v3.1pub. 2026-01-06upd. 2026-01-29

An issue in H3C M102G HM1A0V200R010 wireless controller and BA1500L SWBA1A0V100R006 wireless access point, there is a misconfiguration vulnerability about vsftpd. Through this vulnerability, all files uploaded anonymously via the FTP protocol is automatically owned by the root user and remote attackers could gain root-level control over the devices.

🤖 AI Analysis
How it works

In the H3C M102G wireless controller (software version HM1A0V200R010) and BA1500L access point (SWBA1A0V100R006), the vsftpd server is improperly configured — files uploaded via FTP in anonymous mode are automatically assigned as root user ownership. The error is classified as CWE-276 (incorrect default permissions). An attacker can upload a malicious file via FTP without providing authentication credentials, and then — using the root privileges assigned to the uploaded file — take control of the device.

Impact

An unauthenticated remote attacker can obtain root-level privileges on the device, enabling complete takeover of the wireless network controller or access point, including configuration modification, network traffic interception, and further attacks on the infrastructure.

Mitigation & patch

Apply patches available from the manufacturer according to the references. As an interim remedial measure, it is recommended to disable anonymous FTP access on devices or completely disable the vsftpd service if not required, and restrict access to the FTP port at the firewall level to trusted IP addresses only.

Who is affected

H3C M102G Wireless Controller with software HM1A0V200R010 and H3C Magic BA1500L Wireless Access Point with software SWBA1A0V100R006

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • H3c Magic Ba1500l

    HW
    H3C
    wszystkie wersje
  • H3c Magic Ba1500l Firmware

    OS
    H3C
    swba1a0v100r006
  • H3c Mc102 G

    HW
    H3C
    wszystkie wersje
  • H3c Mc102 G Firmware

    OS
    H3C
    hm1a0v200r010
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-57480CRITICAL9.8PL ✓ten sam vendor

Buffer overflow w H3C N12 — RCE przez brak walidacji długości danych

CVE-2024-57479CRITICAL9.8PL ✓ten sam vendor

Buffer overflow w H3C N12 — zdalne wykonanie kodu przez funkcję aktualizacji MAC

CVE-2024-57473CRITICAL9.8PL ✓ten sam vendor

Buffer overflow w H3C N12 – RCE przez funkcję edycji adresu MAC

CVE-2024-57471CRITICAL9.8PL ✓ten sam vendor

Buffer overflow w H3C N12 — RCE przez sieć bezprzewodową 2.4G

CVE-2024-57482CRITICAL9.8PL ✓ten sam vendor

Buffer overflow w H3C N12 — RCE przez POST request do /bin/webs