CVE-2018-7941

Summary

Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A remote attacker with low privilege may craft specific messages to upload authentication certificate to the affected products. Due to improper validation of the upload authority, successful exploit may cause privilege elevation.

Affected Software

VendorProductVersion RangeStatus
Huawei Technologies Co., Ltd.iBMCV200R002C60affected

Weaknesses

  • authentication bypass

ADP Enrichment

CVE Program Container

Additional References

References