CVE-2025-6091 | H3C GR-3000AX V100R007L50 /routing/goform/aspForm UpdateWanParamsMulti/UpdateIpv6Params param buffer overflow

A vulnerability was found in H3C GR-3000AX V100R007L50. It has been classified as critical. Affected is the function UpdateWanParamsMulti/UpdateIpv6Params of the file /routing/goform/aspForm. The manipulation of the argument param leads to buffer overflow.

This vulnerability is traded as CVE-2025-6091. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor confirms the existence of this issue. Because they assess the risk as low, they do not have immediate plans for remediation.

CVE-2025-6091 | H3C GR-3000AX V100R007L50 /routing/goform/aspForm UpdateWanParamsMulti/UpdateIpv6Params param buffer overflow

Post correlati

CVE-2025-38028 | Linux Kernel up to 6.14.7 localio nfs_local_open_fh race condition

CVE-2025-2203 | FunnelKit Plugin up to 3.10.1 on WordPress sql injection

CVE-2024-1863 | Sante PACS Server Token Endpoint sql injection

CVE-2023-52866 | Linux Kernel up to 6.5.11/6.6.1 uclogic_params_ugee_v2_init_event_hooks null pointer dereference (64da1f6147da/6c8f953728d7/91cfe0bbaa1c)