Описание
Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Due to insufficient verification of the input, this could be exploited to obtain the management privilege of the system.
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:huawei:1288h_v5_firmware:v100r005c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:1288h_v5:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:huawei:2288h_v5_firmware:v100r005c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:2288h_v5:-:*:*:*:*:*:*:*
EPSS
Процентиль: 33%
0.00128
Низкий
8.8 High
CVSS3
4 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Due to insufficient verification of the input, this could be exploited to obtain the management privilege of the system.
EPSS
Процентиль: 33%
0.00128
Низкий
8.8 High
CVSS3
4 Medium
CVSS2
Дефекты
NVD-CWE-noinfo