Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Due to insufficient verification of the input, this could be exploited to obtain the management privilege of the system.
References
Link | Resource |
---|---|
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180523-01-json-en | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: huawei
Published: 2018-05-24T14:00:00
Updated: 2018-05-24T13:57:01
Reserved: 2018-03-09T00:00:00
Link: CVE-2018-7902
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-05-24T14:29:00.437
Modified: 2019-10-03T00:03:26.223
Link: CVE-2018-7902
JSON object: View
Redhat Information
No data.
CWE