Описание
VCM5010 with software versions earlier before V100R002C50SPC100 has a command injection vulnerability. This is due to insufficient validation of user's input. An authenticated attacker could launch a command injection attack.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до v100r002c50spc100 (исключая)
Одновременно
cpe:2.3:o:huawei:vcm5010_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:vcm5010:-:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01056
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-77
Связанные уязвимости
CVSS3: 7.2
github
больше 3 лет назад
VCM5010 with software versions earlier before V100R002C50SPC100 has a command injection vulnerability. This is due to insufficient validation of user's input. An authenticated attacker could launch a command injection attack.
EPSS
Процентиль: 77%
0.01056
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-77