• the name of an affected Product: H3C Magic B1STW B1STV100R012 router
• the affected or fixed version(s): affected version: H3C-Magic-B1STW - H3C_Magic_B1STV100R012. Fixed version: none
• the CVE ID for the entry (if possible): CVE-2023-34924
• a prose description: There is a buffer overflow vulnerability in the SetAPInfoById function in the web service of H3C_Magic_B1STV100R012 router, which can cause the web service to crash and even get the shell
• vulnerability Type: buffer overflow
• Root Cause: The SetAPInfoById function get the param from request body and do not check the size, thus lead to the stack overflow and make the service crash
• Impact: DoS