{"vulnerability": "CVE-2025-3854", "sightings": [{"uuid": "c1117a65-5f83-44fe-9f46-57fc81af5778", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3854", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114376417527828395", "content": "", "creation_timestamp": "2025-04-21T14:27:09.210618Z"}, {"uuid": "181bef49-ff2a-40d3-9ada-76328ec0f594", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3854", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lneoz3pvej24", "content": "", "creation_timestamp": "2025-04-22T03:04:30.475996Z"}, {"uuid": "c3398f87-89f6-4acc-bdaf-8aef16b88c20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3854", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114379567843551670", "content": "", "creation_timestamp": "2025-04-22T03:48:19.466513Z"}, {"uuid": "22dd254e-021d-48da-b270-9b67aa66025b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3854", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lnfha5klkw2o", "content": "", "creation_timestamp": "2025-04-22T10:17:54.883514Z"}, {"uuid": "0309a354-bf9d-4802-b60b-5a094cb8508f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3854", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114388691491140794", "content": "", "creation_timestamp": "2025-04-23T18:28:35.004659Z"}, {"uuid": "fe881253-699a-46fb-bb7d-659fc95ab22d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38548", "type": "seen", "source": "Telegram/hJTfcx4e0m6EfcFVnO3jT9hnn52auvn9Rlc8cXvS590j6io", "content": "", "creation_timestamp": "2026-01-07T19:08:15.000000Z"}, {"uuid": "1ee5c5bd-7aa8-4f84-ad65-76c434db1f27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38544", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "852c6bab-de76-40c5-a5b8-25da56407936", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38544", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "96a03e5c-b668-4356-8a6b-bdf4e396d0e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3854", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12775", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3854\n\ud83d\udd25 CVSS Score: 8.6 (cvssV4_0, Vector: CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006. Affected is the function EnableIpv6/UpdateWanModeMulti/UpdateIpv6Params/EditWlanMacList/Edit_List_SSID of the file /goform/aspForm of the component HTTP POST Request Handler. The manipulation of the argument param leads to buffer overflow. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. Other functions might be affected as well.\n\ud83d\udccf Published: 2025-04-22T00:31:07.525Z\n\ud83d\udccf Modified: 2025-04-22T00:31:07.525Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.305778\n2. https://vuldb.com/?ctiid.305778\n3. https://vuldb.com/?submit.556614\n4. https://github.com/CH13hh/tmp_store_cc/blob/main/H3C%20GR-3000AX/1.md\n5. https://zhiliao.h3c.com/theme/details/229784\n6. https://www.h3c.com/cn/Service/Document_Software/Software_Download/Consume_product/", "creation_timestamp": "2025-04-22T01:02:24.000000Z"}, {"uuid": "6da3227c-6367-46ed-9717-3fa4a9263561", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3854", "type": "seen", "source": "https://t.me/cvedetector/23473", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3854 - H3C GR-3000AX HTTP POST Request Handler Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3854 \nPublished : April 22, 2025, 1:15 a.m. | 31\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006. Affected is the function EnableIpv6/UpdateWanModeMulti/UpdateIpv6Params/EditWlanMacList/Edit_List_SSID of the file /goform/aspForm of the component HTTP POST Request Handler. The manipulation of the argument param leads to buffer overflow. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. Other functions might be affected as well. \nSeverity: 8.0 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-22T04:11:17.000000Z"}, {"uuid": "b96bec0d-a7eb-4b23-a052-7e413303d8b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3854", "type": "published-proof-of-concept", "source": "Telegram/B6CGMu5rGeBTXj4_Tk9XrSymZSpsaWrQCB_gWASF5GAVV50", "content": "", "creation_timestamp": "2025-04-22T04:00:14.000000Z"}]}