Cyber Resilience

CVE-2022-34598

CriticalPublic PoC

Published: 06 July 2022

Published
06 July 2022
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.8430 99.3th percentile
Risk Priority 70 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2022-34598 is a critical-severity an unspecified weakness vulnerability in H3C Magic R100 Firmware. Its CVSS base score is 9.8 (Critical).

Operationally, ranked in the top 0.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

The vulnerability affects the udpserver component in H3C Magic R100 routers running firmware versions V200R004 and V100R005. It stems from an exposed UDP service on port 9034 that permits unauthenticated remote command execution, resulting in a CVSS 3.1 base score of 9.8 with full impacts to confidentiality, integrity, and availability.

An attacker with network access can send crafted UDP packets to the open port and execute arbitrary commands on the device without credentials or user interaction. Successful exploitation grants complete control over the router, enabling actions such as traffic interception, persistence, or use as a pivot point into connected networks.

Public references consist of GitHub repositories that document the affected device and provide technical details on the exposure, though no vendor advisory or official patch information is included in the available data. The associated EPSS score stands at 0.8430, reflecting a persistently elevated likelihood of exploitation since disclosure.

EU & UK References

Vulnerability details

The udpserver in H3C Magic R100 V200R004 and V100R005 has the 9034 port opened, allowing attackers to execute arbitrary commands.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

h3c
magic r100 firmware
v100r005, v200r004

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References