Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight

Several H3C Magic router models have critical vulnerabilities
The vulnerabilities allow for privilege escalation and command injection
No patch has so far been issued for the vulnerabilities

Several H3C Magic router models are vulnerable to command injection attacks that can be launched remotely, according to several new critical CVE listings on the NIST National Vulnerability Database.

A total of 8 vulnerabilities have been listed across 5 different models of H3C Magic router, with all currently scoring an 8.8 on the severity score.

The affected models in question are the H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010, and Magic BE18000.

Routers vulnerable to command injection

The vulnerabilities are tracked as CVE-2025-2725-through-2732 and allow an attacker to send a specially crafted POST packet or request without authorization to vulnerable APIs in order to obtain the highest privileges available on the device.

The POST packets and requests are designed to trigger specific handler functions within the API files, allowing an attacker to use the backtick (`) – which isn’t filtered as a dangerous character – for command injection with the highest privileges.

Several of the vulnerable routes contain functions to check for dangerous characters such as semicolons, but it appears that the backtick was not included as a dangerous character allowing the attack to bypass these functions.

For the H3C Magic NX15, CVE-2025-2725 allows an attacker to use the body of a POST request to trigger the FCGI_UserLogin function, starting a cascade of functions that results in the attacker being able to remotely execute commands, again using the unfiltered backtick. The attacker can then log in as the root user without using a password and access a root shell.

NVD contacted H3C prior to listing the CVE disclosures, but received no response. Currently, no patch has been issued to address the vulnerabilities. The full list of vulnerabilities can be found here.

https://cdn.mos.cms.futurecdn.net/bkwuj9CWSiEuwx6rRgHJgS-1200-80.jpg

Source link
benedict.collins@futurenet.com (Benedict Collins)

Audio-Technica ATH-ADX7000 review: truly exceptional open-backs for the more affluent audiophile

Watch out Microsoft 365 — European giants launch Euro-Office, a ‘true sovereign office suite’

How CIOs can create a strong foundation for an AI-enabled workplace

Artemis II will use laser beams in giant leap for space video — new optical tech will stream ‘4K high-definition video from the Moon’

Ex-Israeli Intelligence Official: Shockwaves of Trump’s “Take Over Gaza” Heard, Felt Across Region

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

The Complete Star Trek Timeline Explained

7 Most Perfect TV Dramas of the Last 10 Years, Ranked

Brian Cox Joins Cast of Dexter: Resurrection Season 2

Don Lemon Considers Presidential Run

Braemar Hotels & Resorts extends advisory agreement with Ashford Inc. for ten years

Leaders push for a ‘Manhattan Project’ and public-private solutions around AI and labor

First French ship transits Strait of Hormuz in setback for Trump

Google CEO Sundar Pichai says we’re just a decade away from a new normal of extraterrestrial data centers

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight

The Complete Star Trek Timeline Explained

Braemar Hotels & Resorts extends advisory agreement with Ashford Inc. for ten years

Audio-Technica ATH-ADX7000 review: truly exceptional open-backs for the more affluent audiophile

7 Most Perfect TV Dramas of the Last 10 Years, Ranked