admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-07 13:37:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-05-25 23:00:39 +00:00
parent f7ee954553
commit 442475cf7a
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
2 changed files with 201 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

109
2025/5xxx/CVE-2025-5156.json
View File

@ -1,17 +1,118 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-5156",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in H3C GR-5400AX up to 100R008 and classified as critical. Affected by this issue is the function EditWlanMacList of the file /routing/goform/aspForm. The manipulation of the argument param leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in H3C GR-5400AX bis 100R008 gefunden. Sie wurde als kritisch eingestuft. Hierbei geht es um die Funktion EditWlanMacList der Datei /routing/goform/aspForm. Dank der Manipulation des Arguments param mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow",
"cweId": "CWE-120"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "H3C",
"product": {
"product_data": [
{
"product_name": "GR-5400AX",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "100R008"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.310244",
"refsource": "MISC",
"name": "https://vuldb.com/?id.310244"
},
{
"url": "https://vuldb.com/?ctiid.310244",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.310244"
},
{
"url": "https://vuldb.com/?submit.574080",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.574080"
},
{
"url": "https://github.com/CH13hh/tmp_store_cc/blob/main/H3C%20GB5400AX/6.md",
"refsource": "MISC",
"name": "https://github.com/CH13hh/tmp_store_cc/blob/main/H3C%20GB5400AX/6.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "DaddyShark (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 8.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 8.8,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C"
}
]
}

100
2025/5xxx/CVE-2025-5157.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-5157",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in H3C SecCenter SMP-E1114P02 up to 20250513. It has been classified as critical. This affects the function fileContent of the file /cfgFile/fileContent. The manipulation of the argument filePath leads to path traversal. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Es wurde eine Schwachstelle in H3C SecCenter SMP-E1114P02 bis 20250513 ausgemacht. Sie wurde als kritisch eingestuft. Es betrifft die Funktion fileContent der Datei /cfgFile/fileContent. Dank Manipulation des Arguments filePath mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Traversal",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "H3C",
"product": {
"product_data": [
{
"product_name": "SecCenter SMP-E1114P02",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20250513"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.310245",
"refsource": "MISC",
"name": "https://vuldb.com/?id.310245"
},
{
"url": "https://vuldb.com/?ctiid.310245",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.310245"
},
{
"url": "https://vuldb.com/?submit.576229",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.576229"
},
{
"url": "https://flowus.cn/share/f78256ea-f210-4b35-ba71-85aba82d3e0a?code=G8A6P3",
"refsource": "MISC",
"name": "https://flowus.cn/share/f78256ea-f210-4b35-ba71-85aba82d3e0a?code=G8A6P3"
}
]
},
"credits": [
{
"lang": "en",
"value": "0menc (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 4.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N"
}
]
}