CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-2736

VCM5010 with software versions earlier before V100R002C50SPC100 has a command injection vulnerability. This is due to insufficient validation of user's input. An authenticated attacker could launch a command injection attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 77.0%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170329-01-vcm-en
http://www.securityfocus.com/bid/97231
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170329-01-vcm-en
http://www.securityfocus.com/bid/97231

Products affected by CVE-2017-2736

Huawei » Vcm5010 » Version: N/A

cpe:2.3:h:huawei:vcm5010:-
Huawei » Vcm5010 Firmware » Version: v100r001c10b010

cpe:2.3:o:huawei:vcm5010_firmware:v100r001c10b010

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-2736

Products

Pricing

Contact Us