Skip to main content

H3C Magic B3 EUVDEUVD-2026-30711

| CVE-2026-8764 HIGH
Classic Buffer Overflow (CWE-120)
2026-05-17 VulDB GHSA-fgq5-p2r5-jrm5
7.3
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.3 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

4
Analysis Updated
May 17, 2026 - 22:27 vuln.today
v2 (cvss_changed)
Re-analysis Queued
May 17, 2026 - 22:22 vuln.today
cvss_changed
CVSS changed
May 17, 2026 - 22:22 NVD
7.2 (HIGH) 7.3 (HIGH)
Analysis Generated
May 17, 2026 - 22:15 vuln.today

DescriptionCVE.org

A security vulnerability has been detected in H3C Magic B3 up to 100R002. This affects the function UpdateWanParams of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Remote buffer overflow in H3C Magic B3 routers (firmware up to 100R002) allows attackers with high privileges to corrupt memory via the UpdateWanParams function in /goform/aspForm by manipulating the param argument. Publicly available exploit code exists per VulDB disclosure, though the vendor did not respond to coordinated disclosure attempts. With CVSS 4.0 score of 7.3 and PR:H requirement, exploitation hinges on prior administrative access to the device's web interface.

Technical ContextAI

The vulnerability resides in the embedded web management interface of the H3C Magic B3 consumer/SMB router, specifically the ASP-style form handler at /goform/aspForm which routes to the UpdateWanParams function responsible for processing WAN configuration parameters. CWE-120 (Classic Buffer Overflow / Buffer Copy without Checking Size of Input) indicates the param argument is copied into a fixed-size stack or heap buffer without bounds validation, a recurring pattern in embedded router goform handlers written in C. The CPE cpe:2.3:a:h3c:magic_b3 confirms the H3C Magic B3 product line as the sole affected target, with no firmware version cutoff beyond '100R002' provided.

RemediationAI

No vendor-released patch identified at time of analysis - H3C did not respond to disclosure attempts per the VulDB report at https://vuldb.com/vuln/364389. As compensating controls, restrict administrative access to the router's web interface (/goform/aspForm) to trusted management VLANs or specific source IPs via firewall rules, which prevents remote exploitation but complicates legitimate remote administration. Disable WAN-side management entirely if enabled, accepting the loss of remote configuration capability. Rotate administrator credentials and disable default accounts to raise the bar against the PR:H prerequisite, and consider replacing the device with a supported model if it is deployed in security-sensitive environments, since unpatched embedded devices accumulate exposure over time.

Share

EUVD-2026-30711 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy