Huawei CV81-WDM FW command execution | CVE-2022-32203

June 7, 2022

NAME

Huawei CV81-WDM FW command execution

  • Platforms Affected:
    Huawei CV81-WDM FW 01.70.49.29.46
  • Risk Level:
    9.8
  • Exploitability:
    Unproven
  • Consequences:
    Gain Access

DESCRIPTION

Huawei CV81-WDM FW could allow a remote attacker to execute arbitrary commands on the system, caused by a command injection vulnerability. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVSS 3.0 Information

  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Access Vector: Network
  • Access Complexity: Low
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
  • Remediation Level: Official Fix

MITIGATION

Refer to huawei-sa-20220601-01-6b47c6b6 for patch, upgrade or suggested workaround information. See References.

  • Reference Link:
    https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220601-01-6b47c6b6-en
  • Reference Link:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32203

If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.

Digital Patreon Wordmark FieryCoralv2

You may have missed

CISA Logo

US-CERT Vulnerability Summary for the Week of November 4, 2024

November 12, 2024
image

[RAWORLD] – Ransomware Victim: Orange County Pathology Medical Group

November 12, 2024
image

[RAWORLD] – Ransomware Victim: SK Gas

November 12, 2024
CISA Logo

CISA: Ivanti Releases Security Updates for Multiple Products

November 12, 2024
CISA Logo

CISA: Microsoft Releases November 2024 Security Updates

November 12, 2024