Description
A vulnerability was detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function SetMobileAPInfoById of the file /goform/aspForm. Performing a manipulation of the argument param results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-04-19
Score: 8.7 High
EPSS: n/a
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A buffer overflow in the SetMobileAPInfoById function of the /goform/aspForm file allows a remote attacker to manipulate the param argument and trigger overflow conditions. The exploit can be executed from any network host with access to the affected device, potentially leading to arbitrary code execution on the device. The published CVSS vectors rate the attack vector as network (AV:N) with low privileges required (PR:L). The vulnerability is classified as CWE-119 and CWE-120 and carries a CVSS 4.0 score of 8.7, indicating a high severity level.

Affected Systems

The flaw exists in H3C Magic B1 devices running firmware versions up to 100R004. The product name is H3C Magic B1 and the affected range includes all releases through 100R004. No other vendors or product lines are listed.

Risk and Exploitability

The EPSS score is not available and the vulnerability is not listed in the CISA KEV catalog, yet the public availability of the exploit and the remote nature of the attack vector indicate a realistic risk of exploitation. Attackers can target the web interface to send crafted requests to the SetMobileAPInfoById API, causing a buffer overflow that could lead to remote code execution. The high CVSS score and the absence of mitigation from the vendor further increase the urgency of remediation.

Generated by OpenCVE AI on April 19, 2026 at 23:20 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware or patch for H3C Magic B1 that removes the vulnerability in SetMobileAPInfoById (e.g., upgrade to a release newer than 100R004).
  • If a patch is not yet available, block or restrict access to the /goform/aspForm endpoint using firewall rules or device configuration to prevent remote invocation of the vulnerable function.
  • Continuously monitor vendor advisories and security bulletins for any updates or patches and apply them promptly once released.


Advisories

No advisories yet.

History

Mon, 20 Apr 2026 00:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | H3c; H3c magic B1
Vendors & Products | | H3c; H3c magic B1

Sun, 19 Apr 2026 22:45:00 +0000

Type | Values Removed | Values Added
Description | | A vulnerability was detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function SetMobileAPInfoById of the file /goform/aspForm. Performing a manipulation of the argument param results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title | | H3C Magic B1 aspForm SetMobileAPInfoById buffer overflow
Weaknesses | | CWE-119; CWE-120
References | |
Metrics (cvssV2_0) | | {'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}
Metrics (cvssV3_0) | | {'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
Metrics (cvssV3_1) | | {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
Metrics (cvssV4_0) | | {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-19T22:30:15.766Z

Reserved: 2026-04-19T05:14:48.176Z

Link: CVE-2026-6581

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-04-19T23:16:33.893

Modified: 2026-04-19T23:16:33.893

Link: CVE-2026-6581

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-20T00:15:35Z

Weaknesses