CVE-2026-6563 | H3C Magic B1 up to 100R004 /goform/aspForm SetAPWifiorLedInfoById param buffer overflow

Inserito da Angelo Barbosa | Apr 18, 2026 | CVE

A vulnerability identified as critical has been detected in H3C Magic B1 up to 100R004. The affected element is the function SetAPWifiorLedInfoById of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow.

This vulnerability is traded as CVE-2026-6563. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-6563 | H3C Magic B1 up to 100R004 /goform/aspForm SetAPWifiorLedInfoById param buffer overflow

Post correlati

CVE-2025-4593 | aviplugins WP Register Profile With Shortcode Plugin up to 3.6.2 on WordPress information disclosure

CVE-2023-5677 | AXIS OS 5.51 VAPIX API tcptest.cgi Remote Code Execution

CVE-2024-34525 | vastsa FileCodeBox 2.0 ENV File cleartext storage in a file or on disk (Issue 133)

CVE-2024-7414 | PDF Builder for WPForms Plugin up to 1.2.116 on WordPress information disclosure