CVE-2026-3701 - Vulnerability Details

- H3C Magic B1 aspForm Edit_BasicSSID_5G buffer overflow

Description

A security vulnerability has been detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function Edit_BasicSSID_5G of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published: 2026-03-08

Score: 8.7 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

An attacker can exploit a buffer overflow in the Edit_BasicSSID_5G function of the H3C Magic B1 web interface. The vulnerability is triggered by manipulating the param argument sent to /goform/aspForm, allowing an attacker to overflow the buffer and gain arbitrary code execution on the device. Because the flaw occurs in firmware up to 100R004, it can affect any deployed unit running that or earlier firmware, potentially compromising device confidentiality, integrity, and availability.

Affected Systems

Products affected are H3C Magic B1 routers running firmware versions 100R004 or earlier. The specific model is the Magic B1 series, as identified by the CPE strings. End‑users who have not applied the latest firmware upgrade are vulnerable.

Risk and Exploitability

With a CVSS score of 8.7 the vulnerability is high severity, while the EPSS score of <1% indicates low current exploitation probability. It is not listed in CISA’s KEV catalog, but public exploit code exists. The likely attack vector is remote, via HTTP POST to the web interface, and requires network connectivity to the device’s management port, as inferred from a description that the exploit can be executed remotely. No official patch is currently released, so the flaw remains exploitable until a firmware update is applied.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

H3C

Magic B1

affected

Version	Status	Constraints
`100R004`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:h3c:magic_b1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:h3c:magic_b1:-:*:*:*:*:*:*:*

No data.

Vendor Product Confidence Versions

H3c

Magic B1

100%

Version	Status	Scheme	Platform
`100R004`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the latest firmware update that addresses the Edit_BasicSSID_5G buffer overflow (any version newer than 100R004).
If an update is not available or cannot be applied immediately, block or restrict access to the /goform/aspForm endpoint using firewall or ACL to prevent unauthenticated remote users from sending malicious requests.
Monitor device logs for abnormal POST requests to /goform/aspForm and consider enabling intrusion detection or logging on the management interface.

Generated by OpenCVE AI on April 17, 2026 at 12:03 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00092.

Exploitation poc

Automatable no

Technical Impact total

References

Link	Providers
https://github.com/saltedfisholdxu/vul/blob/main/Magic%20B1/6_b1-report.md
https://vuldb.com/?ctiid.349647
https://vuldb.com/?id.349647
https://vuldb.com/?submit.765771

History

Tue, 10 Mar 2026 19:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		H3c magic B1 Firmware
CPEs		cpe:2.3:h:h3c:magic_b1:-:::::::* cpe:2.3:o:h3c:magic_b1_firmware::::::::
Vendors & Products		H3c magic B1 Firmware

Tue, 10 Mar 2026 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 09 Mar 2026 10:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		H3c H3c magic B1
Vendors & Products		H3c H3c magic B1

Sun, 08 Mar 2026 04:45:00 +0000

Type	Values Removed	Values Added
Description		A security vulnerability has been detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function Edit_BasicSSID_5G of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title		H3C Magic B1 aspForm Edit_BasicSSID_5G buffer overflow
Weaknesses		CWE-119 CWE-120
References		https://github.com/saltedfisholdxu/vul/blob/main/Magic%20B1/6_b1-report.md https://vuldb.com/?ctiid.349647 https://vuldb.com/?id.349647 https://vuldb.com/?submit.765771
Metrics		cvssV2_0 `{'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

H3c Magic B1 Magic B1 Firmware

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-03-08T04:02:07.795Z

Updated: 2026-03-10T13:57:10.134Z

Reserved: 2026-03-07T08:49:15.946Z

Link: CVE-2026-3701

Vulnrichment

Updated: 2026-03-10T13:57:05.336Z

NVD

Status : Analyzed

Published: 2026-03-08T05:16:28.517

Modified: 2026-03-10T18:55:17.783

Link: CVE-2026-3701

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T12:15:18Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Exploitation poc

Automatable no

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object