Search
Find a vulnerability
Search criteria
1 vulnerability found for b2368-22 by huawei
VAR-202009-1321
Vulnerability from variot - Updated: 2024-11-23 22:37B2368-22 V100R001C00;B2368-57 V100R001C00;B2368-66 V100R001C00 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the LAN. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject commands to the target device. Huawei B2368-22, etc. are all high-performance outdoor CPE terminals from Huawei (Huawei)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202009-1321",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "b2368-57",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c00"
},
{
"model": "b2368-22",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c00"
},
{
"model": "b2368-66",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c00"
},
{
"model": "b2368-57 v100r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "b2368-22 v100r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "b2368-66 v100r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-73696"
},
{
"db": "NVD",
"id": "CVE-2020-9199"
}
]
},
"cve": "CVE-2020-9199",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "CVE-2020-9199",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "CNVD-2022-73696",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2020-9199",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-9199",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2022-73696",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202009-136",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-73696"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-136"
},
{
"db": "NVD",
"id": "CVE-2020-9199"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "B2368-22 V100R001C00;B2368-57 V100R001C00;B2368-66 V100R001C00 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the LAN. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject commands to the target device. Huawei B2368-22, etc. are all high-performance outdoor CPE terminals from Huawei (Huawei)",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9199"
},
{
"db": "CNVD",
"id": "CNVD-2022-73696"
}
],
"trust": 1.44
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-9199",
"trust": 2.2
},
{
"db": "CNVD",
"id": "CNVD-2022-73696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202009-136",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-73696"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-136"
},
{
"db": "NVD",
"id": "CVE-2020-9199"
}
]
},
"id": "VAR-202009-1321",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-73696"
}
],
"trust": 1.35
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-73696"
}
]
},
"last_update_date": "2024-11-23T22:37:14.739000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Command Injection Vulnerabilities in Multiple Huawei Products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/360051"
},
{
"title": "Repair measures for security vulnerabilities in many Huawei products",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=127395"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-73696"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-136"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9199"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-01-command-en"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9199"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200902-01-command-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-73696"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-136"
},
{
"db": "NVD",
"id": "CVE-2020-9199"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-73696"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-136"
},
{
"db": "NVD",
"id": "CVE-2020-9199"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-11-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-73696"
},
{
"date": "2020-09-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-136"
},
{
"date": "2020-09-03T18:15:15.223000",
"db": "NVD",
"id": "CVE-2020-9199"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-11-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-73696"
},
{
"date": "2022-03-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-136"
},
{
"date": "2024-11-21T05:40:08.770000",
"db": "NVD",
"id": "CVE-2020-9199"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-136"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Command Injection Vulnerabilities in Multiple Huawei Products",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-73696"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-136"
}
],
"trust": 0.6
}
}