漏洞描述
该漏洞为权限绕过类型的获取设备配置权的远程高可利用漏洞。 通过该漏洞可以使未经任何身份认证的用户获得H3C设备登陆权限
新华三Magic系列路由登录绕过漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2021-4073: RegistrationMagic <= 5.0.1.7 - Authentication Bypass
- POC H3C Magic NX系列设备存在远程命令执行漏洞(CVE-2025-2725)
- MagicINFO SWUpdateFileUploader 文件上传漏洞
- 三星MagicINFO CVE-2025-4632 文件上传
- POC CVE-2010-1307: Joomla! Component Magic Updater - Local File Inclusion
- POC CVE-2021-24862: WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection
- POC CVE-2021-25864: Hue Magic 3.0.0 - Local File Inclusion
- POC CVE-2023-33629: H3C Magic R300-2100M - Remote Code Execution
- POC CVE-2024-7399: Samsung MagicINFO 9 Server 21.1050.0 - Remote Code Execution
- POC CVE-2025-4632: Samsung MagicINFO 9 Server - File Upload & Remote Code Execution
- POC CVE-2023-33629: H3C Magic R300-2100M RCE
- POC CVE-2023-34928: H3C Magic B1STV100R012 RCE
- POC magicflow-main-xp-file-read: MagicFlow 防火墙网关 main.xp 任意文件读取漏洞