CVE-2025-3854 – H3C GR-3000AX HTTP POST Request Handler Buffer Overflow Vulnerability

April 21, 2025

CVE ID : CVE-2025-3854

Published : April 22, 2025, 1:15 a.m. | 29 minutes ago

Description : A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006. Affected is the function EnableIpv6/UpdateWanModeMulti/UpdateIpv6Params/EditWlanMacList/Edit_List_SSID of the file /goform/aspForm of the component HTTP POST Request Handler. The manipulation of the argument param leads to buffer overflow. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. Other functions might be affected as well.

Severity: 8.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3856 – Xxyopen Novel-Plus SQL Injection Vulnerability

Next Article CVE-2025-3850 – YXJ2018 SpringBoot-Vue-OnlineExam Remote Authentication Bypass Vulnerability

Highlights

CVE-2025-32886 – goTenna Information Disclosure

May 1, 2025

CVE ID : CVE-2025-32886

Published : May 1, 2025, 6:15 p.m. | 1 hour, 11 minutes ago

Description : An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data.

Severity: 4.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

Handling JavaScript Event Listeners With Parameters

I finally gave NotebookLM my full attention – and it really is a total game changer

Google Chrome for iOS now lets you switch between personal and work accounts

How the Trump administration changed AI: A timeline

Download your photos before AT&T shuts down its cloud storage service permanently

Laravel Live Denmark

Laravel Live Denmark

The July 2025 Laravel Worldwide Meetup is Today

Livewire Security Vulnerability

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Halo and Half-Life combine in wild new mod, bringing two of my favorite games together in one — here’s how to play, and how it works

Surprise! The iconic Roblox ‘oof’ sound is back — the beloved meme makes “a comeback so good it hurts” after three years of licensing issues

CVE-2025-3854 – H3C GR-3000AX HTTP POST Request Handler Buffer Overflow Vulnerability

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

U.S. Sanctions Funnull for $200M Romance Baiting Scams Tied to Crypto Fraud

CVE-2025-53027 – Oracle Virtualization VirtualBox Core Virtual Takeover

OpenWrt – Linux distribution targeting embedded devices

Here’s how I’d design a mega menu — with 3 great examples

CVE-2025-32886 – goTenna Information Disclosure

What Makes for a Good Stereoscopic Image?

Using Manim For Making UI Animations

Overwatch 2: All available Heroes, abilities and items in Stadium Mode

CVE-2025-3854 – H3C GR-3000AX HTTP POST Request Handler Buffer Overflow Vulnerability

Related Posts