Shodan
Vulnerabilities
Vulnerable Software
Huawei:  >> Fusioncompute  >> 6.5.0  Security Vulnerabilities
CVE-2020-9222
There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verification on specific files that need to be deserialized, local attackers can exploit this vulnerability to elevate permissions. (Vulnerability ID: HWPSIRT-2020-05241) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9222.
CVSS Score
7.0
EPSS Score
0.0
Published
2024-12-27
CVE-2021-37102
There is a command injection vulnerability in CMA service module of FusionCompute product when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands to the system. Affected product versions include: FusionCompute 6.0.0, 6.3.0, 6.3.1, 6.5.0, 6.5.1, 8.0.0.
CVSS Score
8.8
EPSS Score
0.007
Published
2021-11-23
CVE-2021-37105
There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the service abnormal.
CVSS Score
7.5
EPSS Score
0.002
Published
2021-09-28
CVE-2021-37106
There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0.0 when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands to the system.
CVSS Score
7.2
EPSS Score
0.005
Published
2021-09-28
CVE-2020-9114
FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Due to improper privilege management, an attacker with common privilege may access some specific files and get the administrator privilege in the affected products. Successful exploit will cause privilege escalation.
CVSS Score
7.8
EPSS Score
0.0
Published
2020-12-01
CVE-2016-6827
Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES keys in a file, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.001
Published
2016-09-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved