Skip to main content

B5 Mini Firmware CVE-2022-36474

HIGH
Out-of-bounds Write (CWE-787)
2022-08-25 cve@mitre.org
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Aug 25, 2022 - 14:15 nvd
HIGH 7.8

DescriptionNVD

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function WlanWpsSet.

AnalysisAI

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function WlanWpsSet. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function WlanWpsSet. Affected products include: H3C B5 Mini Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).

CVE-2022-36478 HIGH POC
7.8 Aug 25

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Edit_BasicSSID. Rated high severi

CVE-2022-36477 HIGH POC
7.8 Aug 25

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function AddWlanMacList. Rated high severi

CVE-2022-36475 HIGH POC
7.8 Aug 25

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function AddMacList. Rated high severity (

CVE-2022-36473 HIGH POC
7.8 Aug 25

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Edit_BasicSSID_5G. Rated high sev

CVE-2022-36472 HIGH POC
7.8 Aug 25

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetMobileAPInfoById. Rated high s

CVE-2022-36471 HIGH POC
7.8 Aug 25

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetMacAccessMode. Rated high seve

CVE-2022-36470 HIGH POC
7.8 Aug 25

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetAP5GWifiById. Rated high sever

CVE-2022-36469 HIGH POC
7.8 Aug 25

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById. Rated hig

CVE-2022-36468 HIGH POC
7.8 Aug 25

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed. Rate

CVE-2022-36467 HIGH POC
7.8 Aug 25

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function EditMacList.d. Rated high severit

Share

CVE-2022-36474 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy