Giters

ChrisL0tus / CVE-2023-34924

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

CVE-2023-34924

A buffer over flow vulnerability of H3C_Magic_B1STV100R012 router

CVE info:

•    the name of an affected Product:  H3C Magic B1STW B1STV100R012 router
•    the affected or fixed version(s): affected version: H3C-Magic-B1STW - H3C_Magic_B1STV100R012. Fixed version: none
•    the CVE ID for the entry (if possible): CVE-2023-34924
•    a prose description:  There is a buffer overflow vulnerability in the SetAPInfoById function in the web service of H3C_Magic_B1STV100R012 router, which can cause the web service to crash and even get the shell
•    vulnerability Type: buffer overflow
•    Root Cause: The  SetAPInfoById function get the param from request body and do not check the size, thus lead to the stack overflow and make the service crash
•    Impact: DoS

About