CVE-2021-22377

There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:s12700_firmware:v200r019c00spc500:*:*:*:*:*:*:*
cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:s2700_firmware:v200r019c00spc500:*:*:*:*:*:*:*
cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:huawei:s5700_firmware:v200r019c00spc500:*:*:*:*:*:*:*
cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:huawei:s6700_firmware:v200r019c00spc500:*:*:*:*:*:*:*
cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:huawei:s7700_firmware:v200r019c00spc500:*:*:*:*:*:*:*
cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*

Information

Published : 2021-06-22 12:15

Updated : 2021-06-29 10:07


NVD link : CVE-2021-22377

Mitre link : CVE-2021-22377


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

huawei

  • s5700
  • s6700_firmware
  • s2700
  • s12700
  • s12700_firmware
  • s2700_firmware
  • s5700_firmware
  • s7700_firmware
  • s6700
  • s7700