VCM5010 with software versions earlier before V100R002C50SPC100 has an arbitrary file upload vulnerability. The software does not validate the files that uploaded. An authenticated attacker could upload arbitrary files to the system.
References
Link | Resource |
---|---|
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170329-01-vcm-en | Vendor Advisory |
http://www.securityfocus.com/bid/97231 | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: huawei
Published: 2017-11-15T00:00:00
Updated: 2017-11-23T10:57:01
Reserved: 2016-12-01T00:00:00
Link: CVE-2017-2737
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-11-22T19:29:01.990
Modified: 2017-12-11T17:46:41.237
Link: CVE-2017-2737
JSON object: View
Redhat Information
No data.
CWE