CVE-2017-2736

Summary

VCM5010 with software versions earlier before V100R002C50SPC100 has a command injection vulnerability. This is due to insufficient validation of user's input. An authenticated attacker could launch a command injection attack.

Affected Software

VendorProductVersion RangeStatus
Huawei Technologies Co., Ltd.VCM5010Versions earlier before V100R002C50SPC100affected

Weaknesses

  • command injection

ADP Enrichment

CVE Program Container

Additional References

References