CVE-2025-4997 – H3C R2+ProG HTTP POST Request Handler Denial of Service Vulnerability

May 20, 2025

CVE ID : CVE-2025-4997

Published : May 20, 2025, 8:15 p.m. | 22 minutes ago

Description : A vulnerability, which was classified as problematic, was found in H3C R2+ProG up to 200R004. Affected is the function UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList/Edit_BasicSSID/Edit_GuestSSIDFor2P4G/Edit_BasicSSID_5G/SetAPInfoById of the file /goform/aspForm of the component HTTP POST Request Handler. The manipulation of the argument param leads to denial of service. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48017 – Apache Circuit File Upload Path Traversal

Next Article CVE-2025-44893 – Fortinet Web Application Firewall Stack Overflow Vulnerability

10 Top Node.js Development Companies for Enterprise-Scale Projects (2025-2026 Ranked & Reviewed)

12 Must-Know Cost Factors When Hiring Node.js Developers for Your Enterprise

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

RIP, Perfect Dark — Xbox leadership canceled my most-anticipated game, and the developers deserved better

I keep seeing people at events taking notes on E-Ink tablets — so I tried one to see what all the fuss is about

“A fantastic device for creative users” — this $550 discount on ASUS’s 3K OLED creator laptop disappears before Prime Day

Distribution Release: Rhino Linux 2025.3

Token System using PHP and MySQL

Token System using PHP and MySQL

Create React UI component with uncontrollable

Flaget – new small 5kB CLI argument parser

RIP, Perfect Dark — Xbox leadership canceled my most-anticipated game, and the developers deserved better

RIP, Perfect Dark — Xbox leadership canceled my most-anticipated game, and the developers deserved better

I keep seeing people at events taking notes on E-Ink tablets — so I tried one to see what all the fuss is about

Le notizie minori del mondo GNU/Linux e dintorni della settimana nr 27/2025

CVE-2025-4997 – H3C R2+ProG HTTP POST Request Handler Denial of Service Vulnerability

Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC

CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet

Clair Obscur: Expedition 33 release date — Launch times and when it comes out in your time zone

CVE-2024-13845 – WordPress Gravity Forms WebHooks SSRF

Tribblix is an illumos-based operating system with a retro style

DeepMind’s latest research at ICLR 2023

Subatomic Update: Figma and Code Token Architecture Available!

CVE-2025-2503 – Lenovo PC Manager Permission Bypass File Deletion Vulnerability

Object-Oriented Programming (OOP) Interview Questions Guide

This Week in Laravel: New Starter Kit, Multi-Tenancy, OTPs and Claude 4

CVE-2025-4997 – H3C R2+ProG HTTP POST Request Handler Denial of Service Vulnerability

Related Posts