CVE-2025-14196
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-07

Last updated on: 2025-12-07

Assigner: VulDB

Description
A weakness has been identified in H3C Magic B1 up to 100R004. The affected element is the function sub_44de0 of the file /goform/aspForm. This manipulation of the argument param causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-07
Last Modified
2025-12-07
Generated
2026-05-07
AI Q&A
2025-12-07
EPSS Evaluated
2026-05-05
NVD
CVE-2025-14196
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
h3c magic_b1 100r004
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a buffer overflow in the H3C Magic B1 device (up to version 100R004) caused by improper handling of an argument in the function sub_44de0 within the /goform/aspForm file. This flaw allows remote attackers to exploit the device by sending specially crafted input, potentially leading to arbitrary code execution or system compromise.


How can this vulnerability impact me? :

The vulnerability can allow remote attackers to execute arbitrary code or cause a denial of service on the affected device, potentially leading to unauthorized access, disruption of services, or compromise of the network infrastructure where the device is deployed.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection of this vulnerability involves checking if your H3C Magic B1 device is running firmware up to version 100R004 and monitoring for suspicious requests to the /goform/aspForm endpoint, especially those manipulating the 'param' argument. Since the exploit is publicly available, network intrusion detection systems (NIDS) can be configured to look for exploit patterns targeting this endpoint. Specific commands are not provided in the resources, but monitoring HTTP requests to /goform/aspForm and analyzing logs for unusually large or malformed 'param' parameters could help detect exploitation attempts. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include replacing the affected H3C Magic B1 device with an alternative product, as no patches or vendor responses are available. Since the vendor did not provide any mitigation or patch, and the exploit is publicly available, discontinuing use of the vulnerable firmware version (up to 100R004) and isolating the device from untrusted networks are recommended to reduce exposure. [2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart