exploitDog

CVE-2020-9200

Опубликовано: 24 дек. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. An attacker with common privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device.

Ссылки

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201209-01-csvinjection-en
Vendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201209-01-csvinjection-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:huawei:imanager_neteco_6000:v600r021c00:*:*:*:*:*:*:*

EPSS

Процентиль: 20%

0.00063

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-1236

Связанные уязвимости

GHSA-g6c2-ghr3-xmvw

github

больше 3 лет назад

There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. An attacker with common privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device.

EPSS

Процентиль: 20%

0.00063

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-1236