CVE-2024-57471

Published: Jan 14, 2025Modified: Jun 17, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 2.4G wireless network processing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs.

Affected (1)

Products: H3c: N12 Firmware

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
H3c N12 Firmware	Version 100r005

Running on/with	Platform Versions
H3c N12	All versions

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (2)

Source: cve@mitre.org

Product

https://gist.github.com/XiaoCurry/88a43c9a68694941221eb7592da39d4c

Source: cve@mitre.org

Broken Link

Timeline

No history available yet.