CVE-2020-9085

Summary

There is a NULL pointer dereference vulnerability in some Huawei products. An attacker may send specially crafted POST messages to the affected products. Due to insufficient validation of some parameter in the message, successful exploit may cause some process abnormal. (Vulnerability ID: HWPSIRT-2017-10105)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9085.

Affected Software

VendorProductVersion RangeStatus
HuaweiHUAWEI 4G Router B612B612s-25dTCPU-V100R001B192D03SP00C234affected
HuaweiHUAWEI 4G Router B612B612s-25dTCPU-V100R001B192D03SP00C287affected
HuaweiHUAWEI 4G Router B612B612s-25dTCPU-V100R001B192D05SP00C00affected

Weaknesses

  • CWE-476: CWE-476 NULL Pointer Dereference

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References