Which versions of Magic B1 are affected by CVE-2026-6563?

CVE-2026-6563 is a high-severity buffer overflow in H3C Magic B1 router firmware that permits authenticated attackers to achieve complete system compromise through the web management interface.

Is there a public PoC exploit available for CVE-2026-6563?

Yes, a public proof-of-concept exploit is available for CVE-2026-6563. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2026-6563?

Within 24 hours: Identify all H3C Magic B1 routers in your environment and document current firmware versions via management console or administrative access. Within 7 days: Isolate affected devices from critical network segments if versions through 100R004 are confirmed; restrict administrative access to trusted personnel only and disable remote management if operationally feasible. Within 30 days: Contact H3C vendor support for firmware update availability; if no patch emerges, evaluate replacement hardware or maintain strict network segmentation with robust access controls and monitoring of the /goform/aspForm endpoint.

Magic B1 CVE-2026-6563

Q: What is the CVSS score of CVE-2026-6563?

CVE-2026-6563 has a CVSS 4.0 base score of 7.4 (High). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-23690 HIGH

Classic Buffer Overflow (CWE-120)

2026-04-19 VulDB

Buffer Overflow Magic B1

7.4

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

7.4 HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

PoC Detected

Apr 22, 2026 - 20:22 vuln.today

Public exploit code

Analysis Updated

Apr 19, 2026 - 09:27 vuln.today

v2 (cvss_changed)

Re-analysis Queued

Apr 19, 2026 - 09:22 vuln.today

cvss_changed

CVSS changed

Apr 19, 2026 - 09:22 NVD

8.8 (HIGH) 7.4 (HIGH)

Analysis Generated

Apr 19, 2026 - 08:48 vuln.today

EUVD ID Assigned

Apr 19, 2026 - 08:45 euvd

EUVD-2026-23690

Analysis Generated

Apr 19, 2026 - 08:45 vuln.today

CVE Published

Apr 19, 2026 - 08:30 nvd

HIGH 7.4

DescriptionCVE.org

A vulnerability has been found in H3C Magic B1 up to 100R004. The affected element is the function SetAPWifiorLedInfoById of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Buffer overflow in H3C Magic B1 router firmware (versions through 100R004) allows authenticated remote attackers to achieve complete system compromise via crafted parameters to the SetAPWifiorLedInfoById function in /goform/aspForm. Public exploit code exists on GitHub. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Obtain router credentials

Delivery

Authenticate to web interface

Exploit

POST crafted oversized param to /goform/aspForm

Execution

Trigger buffer overflow in SetAPWifiorLedInfoById

Persist

Execute arbitrary code as root

Impact

Establish persistent access