CVE-2025-4997 – H3C R2+ProG HTTP POST Request Handler Denial of Service Vulnerability

May 20, 2025

CVE ID : CVE-2025-4997

Published : May 20, 2025, 8:15 p.m. | 22 minutes ago

Description : A vulnerability, which was classified as problematic, was found in H3C R2+ProG up to 200R004. Affected is the function UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList/Edit_BasicSSID/Edit_GuestSSIDFor2P4G/Edit_BasicSSID_5G/SetAPInfoById of the file /goform/aspForm of the component HTTP POST Request Handler. The manipulation of the argument param leads to denial of service. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48017 – Apache Circuit File Upload Path Traversal

Next Article CVE-2025-44893 – Fortinet Web Application Firewall Stack Overflow Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

The best smart glasses unveiled at I/O 2025 weren’t made by Google

Google’s upcoming AI smart glasses may finally convince me to switch to a pair full-time

I tried Samsung’s Project Moohan XR headset at I/O 2025 – and couldn’t help but smile

Is Google’s $250-per-month AI subscription plan worth it? Here’s what’s included

IOT and API Integration With MuleSoft: The Road to Seamless Connectivity

IOT and API Integration With MuleSoft: The Road to Seamless Connectivity

Celebrating GAAD by Committing to Universal Design: Low Physical Effort

Celebrating GAAD by Committing to Universal Design: Flexibility in Use

Microsoft open-sources Windows Subsystem for Linux at Build 2025

Microsoft open-sources Windows Subsystem for Linux at Build 2025

Microsoft Brings Grok 3 AI to Azure with Guardrails and Enterprise Controls

You won’t have to pay a fee to publish apps to Microsoft Store

CVE-2025-4997 – H3C R2+ProG HTTP POST Request Handler Denial of Service Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-20152 – Cisco ISE RADIUS Message Processing Denial of Service Vulnerability

CVE-2025-3967 – Itwanger Paicoding Article Handler Remote Code Execution Vulnerability

The Unexpected Powerhouse: Building Static Sites with Drupal

“There is no lawsuit.” Drug Dealer Simulator lands on Xbox after addressing rumors about suing Schedule I

Rilasciata Nobara 42: una nuova versione “rolling release”

Essential Git Command Reference: The Core Operations Every Developer Needs

Contextual Position Encoding (CoPE): A New Position Encoding Method that Allows Positions to be Conditioned on Context by Incrementing Position only on Certain Tokens Determined by the Model

Dev Tutorial: Building a Shared Navigation With Help from AEM Content Services | Part 2

CMU Researchers Propose In-Context Abstraction Learning (ICAL): An AI Method that Builds a Memory of Multimodal Experience Insights from Sub-Optimal Demonstrations and Human Feedback

CVE-2025-4997 – H3C R2+ProG HTTP POST Request Handler Denial of Service Vulnerability

Related Posts