- Description
- A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/wizard/getWifiNeighbour of the component HTTP POST Request Handler. The manipulation leads to command injection. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used.
- Source
- cna@vuldb.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 8.6
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 8
- Impact score
- 5.9
- Exploitability score
- 2.1
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Secondary
- Base score
- 7.7
- Impact score
- 10
- Exploitability score
- 5.1
- Vector string
- AV:A/AC:L/Au:S/C:C/I:C/A:C
- cna@vuldb.com
- CWE-74
- Hype score
- Not currently trending
🚨 CVE-2025-2732 🔴 HIGH (8.7) 🏢 H3C - Magic NX15 🏗️ V100R014 🔗 https://t.co/sQFppFHwdf 🔗 https://t.co/aWlZNQfNSq 🔗 https://t.co/NggiNa258I 🔗 https://t.co/pzaVWjvWot #CyberCron #VulnAlert #InfoSec https://t.co/ldDyrKpIje
@cybercronai
26 Mar 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
�� CVE-2025-2732 - H3C Magic NX15 - HIGH 🚨 🗓️ Date published 2025-03-25 04:15:20 UTC #H3CMagicNX15 #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/rjTiNdUII3
@vulns_space
25 Mar 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-2732: HIGH] Critical vulnerability discovered in H3C products could lead to remote command injection. The issue affects /api/wizard/getWifiNeighbour endpoint on models up to V100R014. Public exploit avai...#cybersecurity,#vulnerability https://t.co/mWPUf1LfLN https://t.
@CveFindCom
25 Mar 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2025-2732 | H3C Magic BE18000 up to V100R014 HTTP POST Request getWifiNeighbour command injection) has been published on https://t.co/sIrSdc9nND
@WolfgangSesin
24 Mar 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes