<0.1% probability · 14.2th percentile — 2026-05-12
Affected versions
H3C Magic B0 up to 100R002
Summary
This vulnerability exists in the Edit_BasicSSID function of the /goform/aspForm endpoint on affected H3C devices. Remote attackers can trigger a buffer overflow by maliciously manipulating the param argument, which can lead to arbitrary code execution. The exploit has been publicly disclosed, and the vendor has not responded to the vulnerability disclosure.
Remediation
Isolate affected H3C Magic B0 devices from untrusted and public networks until an official security patch is released. Regularly monitor the official H3C website for security updates and apply patches immediately once they become available. Replace affected devices with supported alternatives if no patch is released in a timely manner.
Exploit info
This exploit has been publicly disclosed, with references to this issue documented in trusted public vulnerability databases. Potential exploit details can be searched in Exploit-DB or GitHub.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.