CVE-2021-22377

Summary

There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service.

Affected Software

VendorProductVersion RangeStatus
n/aS12700;S2700;S5700;S6700;S7700V200R019C00SPC500affected

Weaknesses

  • Command Injection

ADP Enrichment

CVE Program Container

Additional References

References