Vulnerability Details CVE-2020-9199
B2368-22 V100R001C00;B2368-57 V100R001C00;B2368-66 V100R001C00 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the LAN. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject commands to the target device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.3%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 7.7
References
Products affected by CVE-2020-9199
-
cpe:2.3:h:huawei:b2368-22:-
-
cpe:2.3:h:huawei:b2368-57:-
-
cpe:2.3:h:huawei:b2368-66:-
-
cpe:2.3:o:huawei:b2368-22_firmware:v100r001c00
-
cpe:2.3:o:huawei:b2368-57_firmware:v100r001c00
-
cpe:2.3:o:huawei:b2368-66_firmware:v100r001c00