CVE-2022-28940

In H3C MagicR100 <=V100R005, the / Ajax / ajaxget interface can be accessed without authorization. It sends a large amount of data through ajaxmsg to carry out DOS attack.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:h3c:magic_r100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:h3c:magic_r100:-:*:*:*:*:*:*:*

History

08 Aug 2023, 14:22

Type Values Removed Values Added
CWE CWE-863 NVD-CWE-noinfo

Information

Published : 2022-05-04 16:15

Updated : 2024-02-28 19:09


NVD link : CVE-2022-28940

Mitre link : CVE-2022-28940

CVE.ORG link : CVE-2022-28940


JSON object : View

Products Affected

h3c

  • magic_r100_firmware
  • magic_r100