CVE-2020-9122

Published: Oct 12, 2020Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

Some Huawei products have an insufficient input verification vulnerability. Attackers can exploit this vulnerability in the LAN to cause service abnormal on affected devices.Affected product versions include:HiRouter-CD30-10 version 10.0.2.5;HiRouter-CT31-10 version 10.0.2.20;WS5200-12 version 10.0.1.9;WS5281-10 version 10.0.5.10;WS5800-10 version 10.0.3.25;WS7100-10 version 10.0.5.21;WS7200-10 version 10.0.5.21.

Affected (7)

Products: Huawei: Hirouter Cd30 10 Firmware, Hirouter Ct31 10 Firmware, Ws5200 12 Firmware, Ws5281 10 Firmware, Ws5800 10 Firmware, Ws7100 10 Firmware, Ws7200 10 Firmware

Huawei

7 products

Hirouter Cd30 10 Firmware

Hirouter Ct31 10 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Hirouter Cd30 10 Firmware	From 10.0.2.5 to 10.0.5.7

Running on/with	Platform Versions
Huawei Hirouter Cd30 10	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Hirouter Ct31 10 Firmware	From 10.0.2.20 to 10.0.2.37

Running on/with	Platform Versions
Huawei Hirouter Ct31 10	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Ws5200 12 Firmware	From 10.0.1.9 to 10.0.5.6

Running on/with	Platform Versions
Huawei Ws5200 12	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Ws5281 10 Firmware	From 10.0.5.10 to 10.0.5.32

Running on/with	Platform Versions
Huawei Ws5281 10	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Ws5800 10 Firmware	From 10.0.3.25 to 10.0.3.33

Running on/with	Platform Versions
Huawei Ws5800 10	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Ws7100 10 Firmware	From 10.0.5.21 to 10.0.5.37

Running on/with	Platform Versions
Huawei Ws7100 10	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Ws7200 10 Firmware	From 10.0.5.21 to 10.0.5.37

Running on/with	Platform Versions
Huawei Ws7200 10	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-verification-en

Source: psirt@huawei.com

Vendor Advisory

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-verification-en

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.