Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for b2368-22_firmware by huawei

    CVE-2020-9199 (GCVE-0-2020-9199)

    Vulnerability from nvd – Published: 2020-09-03 17:58 – Updated: 2024-08-04 10:19
    VLAI
    Summary
    B2368-22 V100R001C00;B2368-57 V100R001C00;B2368-66 V100R001C00 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the LAN. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject commands to the target device.
    Severity
    No CVSS data available.
    CWE
    • Command Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a B2368-22;B2368-57;B2368-66 Affected: V100R001C00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:19:20.047Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-01-command-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "B2368-22;B2368-57;B2368-66",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "V100R001C00"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "B2368-22 V100R001C00;B2368-57 V100R001C00;B2368-66 V100R001C00 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the LAN. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject commands to the target device."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-09-03T17:58:32.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-01-command-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2020-9199",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "B2368-22;B2368-57;B2368-66",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V100R001C00"
                              },
                              {
                                "version_value": "V100R001C00"
                              },
                              {
                                "version_value": "V100R001C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "B2368-22 V100R001C00;B2368-57 V100R001C00;B2368-66 V100R001C00 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the LAN. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject commands to the target device."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Command Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-01-command-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-01-command-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2020-9199",
        "datePublished": "2020-09-03T17:58:32.000Z",
        "dateReserved": "2020-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:19:20.047Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9199 (GCVE-0-2020-9199)

    Vulnerability from cvelistv5 – Published: 2020-09-03 17:58 – Updated: 2024-08-04 10:19
    VLAI
    Summary
    B2368-22 V100R001C00;B2368-57 V100R001C00;B2368-66 V100R001C00 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the LAN. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject commands to the target device.
    Severity
    No CVSS data available.
    CWE
    • Command Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a B2368-22;B2368-57;B2368-66 Affected: V100R001C00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:19:20.047Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-01-command-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "B2368-22;B2368-57;B2368-66",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "V100R001C00"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "B2368-22 V100R001C00;B2368-57 V100R001C00;B2368-66 V100R001C00 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the LAN. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject commands to the target device."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-09-03T17:58:32.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-01-command-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2020-9199",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "B2368-22;B2368-57;B2368-66",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V100R001C00"
                              },
                              {
                                "version_value": "V100R001C00"
                              },
                              {
                                "version_value": "V100R001C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "B2368-22 V100R001C00;B2368-57 V100R001C00;B2368-66 V100R001C00 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the LAN. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject commands to the target device."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Command Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-01-command-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-01-command-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2020-9199",
        "datePublished": "2020-09-03T17:58:32.000Z",
        "dateReserved": "2020-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:19:20.047Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }