CVE-2024-57471
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk50th percentile - higher than 50% of all known CVEs
Summary
A buffer overflow vulnerability was found in the H3C N12 V100R005 device within the 2.4G wireless network processing function. The lack of length validation allows an attacker to remotely crash the device or execute arbitrary code by sending a POST request to /bin/webs.
Risk Assessment
The risk includes remote code execution, which could lead to network compromise, data leakage, or using the device as a pivot for further attacks.
Recommendation
Immediately update the H3C N12 firmware to the latest patched version. If unavailable, restrict management interface access to trusted networks only.
Original NVD description (English source)
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 2.4G wireless network processing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs.

