CVE-2024-13980 | THREATINT

Description

H3C Intelligent Management Center (IMC) versions up to and including E0632H07 contains a remote command execution vulnerability in the /byod/index.xhtml endpoint. Improper handling of JSF ViewState allows unauthenticated attackers to craft POST requests with forged javax.faces.ViewState parameters, potentially leading to arbitrary command execution. This flaw does not require authentication and may be exploited without session cookies. An affected version range is undefined. Exploitation evidence was first observed by the Shadowserver Foundation on 2024-08-28 UTC.

PUBLISHED Reserved 2025-08-25 | Published 2025-08-27 | Updated 2025-08-28 | Assigner VulnCheck

CRITICAL: 10.0CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Problem types

CWE-502 Deserialization of Untrusted Data

Product status

Default status

unknown

affected

References

blog.csdn.net/nnn2188185/article/details/141065540 exploit

github.com/OJZen/FckESC/blob/master/内网登录过程.txt technical-description exploit

blog.csdn.net/weixin_48539059/article/details/141033966 technical-description exploit

axsec.blog.csdn.net/article/details/141003376 technical-description exploit

www.h3c.com/cn/Service/Online_Help/psirt/ product

www.vulncheck.com/...s/h3c-intelligent-management-center-rce third-party-advisory

cve.org (CVE-2024-13980)

nvd.nist.gov (CVE-2024-13980)

Download JSON