Nx15
Monthly
Unauthenticated remote password modification on H3C NX15 V100R017 routers allows any network-reachable attacker to overwrite the administrator password via the change_passwd function at the /api/login/modify endpoint, effectively seizing full administrative control of the device. The vulnerability stems from a missing authentication or authorization check on the password modification API (CWE-640), meaning no credentials or session token are required to invoke it. A public proof-of-concept exploit is available on GitHub, and no vendor patch has been identified at time of analysis.
Unauthenticated remote password modification on H3C NX15 V100R017 routers allows any network-reachable attacker to overwrite the administrator password via the change_passwd function at the /api/login/modify endpoint, effectively seizing full administrative control of the device. The vulnerability stems from a missing authentication or authorization check on the password modification API (CWE-640), meaning no credentials or session token are required to invoke it. A public proof-of-concept exploit is available on GitHub, and no vendor patch has been identified at time of analysis.