Vulnerability in H3c M2 Nas
CVE-2025-8907
A vulnerability was found in H3C M2 NAS V100R006. Affected by this vulnerability is an unknown functionality of the component Webserver Configuration. The manipulation leads to execution with unnecessary privileges. An attack has to be app…
EPSS: 0.001 (4.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.0 (High). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- H3c M2 Nas — versions V100R006
Weakness classification (CWE)
References
- cna@vuldb.com (vdb-entry)
- cna@vuldb.com (signature, permissions-required)
- cna@vuldb.com (third-party-advisory)
- cna@vuldb.com (exploit)
Frequently asked questions
- What is CVE-2025-8907?
- CVE-2025-8907 is a high-severity vulnerability in H3c M2 Nas, classified under CWE-250. CVSS score: 7.0/10. Published 2025-08-13.
- How severe is CVE-2025-8907?
- High severity. CVSS v3 base score is 7.0 out of 10.