{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6560", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-18T15:54:54.172Z", "datePublished": "2026-04-19T06:45:14.514Z", "dateUpdated": "2026-04-19T06:45:14.514Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-19T06:45:14.514Z"}, "title": "H3C Magic B0 aspForm Edit_BasicSSID buffer overflow", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-120", "lang": "en", "description": "Buffer Overflow"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "Memory Corruption"}]}], "affected": [{"vendor": "H3C", "product": "Magic B0", "versions": [{"version": "100R002", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in H3C Magic B0 up to 100R002. This vulnerability affects the function Edit_BasicSSID of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "baseSeverity": "HIGH"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 9, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-18T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-18T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-18T17:59:58.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "xyhackr (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/358197", "name": "VDB-358197 | H3C Magic B0 aspForm Edit_BasicSSID buffer overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/358197/cti", "name": "VDB-358197 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/788021", "name": "Submit #788021 | H3C Magic B0 <=100R002 Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://github.com/xiaohaiyang-ai/CVE-Reports/blob/main/Vulnerability-Report.md", "tags": ["exploit"]}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in H3C Magic B0 up to 100R002. This vulnerability affects the function Edit_BasicSSID of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "id": "CVE-2026-6560", "lastModified": "2026-04-19T07:16:05.973", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-19T07:16:05.973", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/xiaohaiyang-ai/CVE-Reports/blob/main/Vulnerability-Report.md"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/788021"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/358197"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/358197/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-120"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-19T08:21:17.336974+00:00", "value": {"mitigation_remediation": ["Update the device firmware to a version released after 100R002 or that explicitly includes the buffer\u2011overflow fix when an official patch becomes available.", "If no patch exists, restrict remote access to the management interface by blocking HTTP/HTTPS access from untrusted networks or limiting the set of allowed IP addresses through firewall or ACL rules.", "Contact H3C support to obtain an official security advisory or temporary mitigation recommendations, and monitor the device for anomalous activity that could indicate exploitation attempts."], "summary": {"action": "Apply Patch", "impact": "Remote code execution via buffer overflow"}, "threat_synthesis": {"affected_systems": "The flaw affects H3C Magic B0 devices running firmware up to 100R002. The product is typically deployed in network environments as a wireless gateway or access point.", "description_and_impact": "A buffer overflow exists in the Edit_BasicSSID function of the H3C Magic B0's /goform/aspForm endpoint. This flaw can be triggered by malformed input in the param argument, allowing an attacker to write memory beyond the intended bounds and potentially execute arbitrary code. The weakness is identified by CWE\u2011119 and CWE\u2011120 and could compromise the device if exploited.", "risk_and_exploitability": "The CVSS score is 8.7, indicating a high severity. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog. The vendor did not respond to the initial disclosure, and the exploit has been publicly disclosed, suggesting a potential threat vector over the network to the device's management interface."}}}}, "created": "2026-04-19T08:30:15.487532+00:00", "updated": "2026-04-19T08:30:15.487543+00:00", "vendors": []}