CVE-2023-33638

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published May 31, 2023

Updated: Jan 10, 2025

CWE ID 787

Summary

CVE-2023-33638 is a newly discovered stack overflow vulnerability affecting the H3C Magic R300 router running version R300-2100MV100R004. This issue can be exploited through the Edit_BasicSSID_5G interface located at /goform/aspForm. A stack overflow occurs when a program tries to store more data in a buffer than it can hold, leading to unintended program behavior and, potentially, remote code execution. The vulnerability poses a significant risk to organizations using this router and could result in unauthorized access, data theft, or other malicious activities. It is recommended that users immediately update their router firmware to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Vendors

New H3C Technologies Co. Ltd.

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners