EUVD-2025-18341 | CVE-2025-6090 | HIGH 8.8 (CVSS 3.1)
Published 2025-06-15

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: Mar 14, 2026 - 21:57 (vuln.today)
EUVD ID Assigned: Mar 14, 2026 - 21:57 (euvd), EUVD-2025-18341
CVE Published: Jun 15, 2025 - 15:15 (nvd), HIGH 8.8

Description (NVD)

A vulnerability was found in H3C GR-5400AX V100R009L50 and classified as critical. This issue affects the function UpdateWanparamsMulti/UpdateIpv6params of the file /routing/goform/aspForm. The manipulation of the argument param leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor confirms the existence of this issue. Because they assess the risk as low, they do not have immediate plans for remediation.

Analysis (AI)

Critical buffer overflow vulnerability in H3C GR-5400AX V100R009L50 routers affecting the UpdateWanparamsMulti and UpdateIpv6params functions. An authenticated remote attacker can manipulate the 'param' argument to trigger a buffer overflow, potentially achieving remote code execution with full system compromise (confidentiality, integrity, availability impact). A public proof-of-concept exists and the vulnerability is confirmed by the vendor, though they have deprioritized remediation despite the CVSS 8.8 score and active disclosure.

Technical Context (AI)

The vulnerability exists in the web management interface of H3C GR-5400AX routers, specifically in the /routing/goform/aspForm endpoint that handles WAN parameter and IPv6 configuration updates. The root cause is CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), a classic buffer overflow condition where user-supplied input in the 'param' argument is copied into a fixed-size buffer without proper length validation. The affected functions (UpdateWanparamsMulti and UpdateIpv6params) process network configuration data through a legacy ASP/CGI form handler that fails to enforce boundary checks. H3C GR-5400AX is an enterprise-grade router/gateway appliance, with CPE approximation: cpe:2.3:h:h3c:gr-5400ax:v100r009l50:*:*:*:*:*:*:*. The vulnerability likely affects the HTTP request handler processing POST parameters without sanitization.

Remediation (AI)

No official patch is currently available from H3C due to their stated low-risk assessment. Recommended mitigations in priority order:

1. IMMEDIATE: Restrict network access to the web management interface (/routing/goform/aspForm) using firewall rules; limit it to trusted administrator IP ranges only.
2. Network Segmentation: Isolate GR-5400AX management interfaces to out-of-band administrative networks, preventing standard user access.
3. Credential Hardening: Enforce strong, unique administrative credentials and implement multi-factor authentication if supported.
4. Monitoring: Deploy network IDS/IPS signatures to detect buffer overflow attempts via oversized 'param' values in WAN/IPv6 configuration requests.
5. Escalate with H3C: File a formal support ticket demanding a patch timeline given the public POC and enterprise customer exposure.
6. Long-term: Plan a hardware refresh or migration to alternative router vendors with more responsive security practices.

Monitor H3C security advisories (typically at h3c.com/en/Service/security-advisories) for eventual patched firmware versions.


EUVD-2025-18341 vulnerability details – vuln.today
