- Description
- A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006. Affected is the function EnableIpv6/UpdateWanModeMulti/UpdateIpv6Params/EditWlanMacList/Edit_List_SSID of the file /goform/aspForm of the component HTTP POST Request Handler. The manipulation of the argument param leads to buffer overflow. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. Other functions might be affected as well.
- Source
- cna@vuldb.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 8.6
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 8
- Impact score
- 5.9
- Exploitability score
- 2.1
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Secondary
- Base score
- 7.7
- Impact score
- 10
- Exploitability score
- 5.1
- Vector string
- AV:A/AC:L/Au:S/C:C/I:C/A:C
- cna@vuldb.com
- CWE-119
- Hype score
- Not currently trending
CVE-2025-3854 04/22/2025 01:15:18 AM BaseSeverity: HIGH A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006. Affected is the function EnableIpv6/UpdateWanModeMulti/Up... https://t.co/KLYOHmNLxG
@CVETracker
22 Apr 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-3854 🔴 HIGH (8.6) 🏢 H3C - GR-3000AX 🏗️ V100R006 🔗 https://t.co/oaZSVbOCyb 🔗 https://t.co/VaUXfqPJUA 🔗 https://t.co/BfHHqUOMnF 🔗 https://t.co/TfrFBW7JgG 🔗 https://t.co/ldhKo7wR6C 🔗 https://t.co/eGFk2G1Rti #CyberCron #VulnAlert #InfoSec https://t.co/QLPSN4Hwo7
@cybercronai
22 Apr 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-3854: HIGH] Critical vulnerability found in H3C GR-3000AX up to V100R006 allows buffer overflow through HTTP POST Request Handler. Attack possible within local network, immediate upgrade advised.#cve,CVE-2025-3854,#cybersecurity https://t.co/sjnjYMogxa https://t.co/zfyA
@CveFindCom
22 Apr 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-3854 H3C GR-3000AX Buffer Overflow in HTTP POST Request Handler... https://t.co/oCLk7yBYze Don't wait vulnerability scanning results: https://t.co/oh1APvMMnd
@VulmonFeeds
22 Apr 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
�� CVE-2025-3854 - H3C GR-3000AX Router - HIGH 🚨 🗓️ Date published 2025-04-22 01:15:18 UTC #H3CGR-3000AXRouter #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/RsYbYgI3tz
@vulns_space
22 Apr 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-3854 A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006. Affected is the function EnableIpv6/UpdateWanModeMulti/UpdateIpv6Params/Ed… https://t.co/NgC3ZkrBCl
@CVEnew
22 Apr 2025
529 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes