2025-12-30 22:41:40
VulnCheck
PUBLISHED
H3C SSL VPN contains a user enumeration vulnerability that allows attackers to identify valid usernames through the txtUsrName POST parameter. Attackers can submit different usernames to the login_submit.cgi endpoint and analyze response messages to distinguish between existing and non-existing accounts.