Vulnerabilites related to huawei - ws5200-12_firmware
CVE-2020-9122 (GCVE-0-2020-9122)
Vulnerability from cvelistv5
Published
2020-10-12 13:37
Modified
2024-08-04 10:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Insufficient Input Verification
Summary
Some Huawei products have an insufficient input verification vulnerability. Attackers can exploit this vulnerability in the LAN to cause service abnormal on affected devices.Affected product versions include:HiRouter-CD30-10 version 10.0.2.5;HiRouter-CT31-10 version 10.0.2.20;WS5200-12 version 10.0.1.9;WS5281-10 version 10.0.5.10;WS5800-10 version 10.0.3.25;WS7100-10 version 10.0.5.21;WS7200-10 version 10.0.5.21.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HiRouter-CD30-10;HiRouter-CT31-10;WS5200-12;WS5281-10;WS5800-10;WS7100-10;WS7200-10 |
Version: 10.0.2.5 Version: 10.0.2.20 Version: 10.0.1.9 Version: 10.0.5.10 Version: 10.0.3.25 Version: 10.0.5.21 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.187Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-verification-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HiRouter-CD30-10;HiRouter-CT31-10;WS5200-12;WS5281-10;WS5800-10;WS7100-10;WS7200-10",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "10.0.2.5"
},
{
"status": "affected",
"version": "10.0.2.20"
},
{
"status": "affected",
"version": "10.0.1.9"
},
{
"status": "affected",
"version": "10.0.5.10"
},
{
"status": "affected",
"version": "10.0.3.25"
},
{
"status": "affected",
"version": "10.0.5.21"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Some Huawei products have an insufficient input verification vulnerability. Attackers can exploit this vulnerability in the LAN to cause service abnormal on affected devices.Affected product versions include:HiRouter-CD30-10 version 10.0.2.5;HiRouter-CT31-10 version 10.0.2.20;WS5200-12 version 10.0.1.9;WS5281-10 version 10.0.5.10;WS5800-10 version 10.0.3.25;WS7100-10 version 10.0.5.21;WS7200-10 version 10.0.5.21."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Input Verification",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T13:37:31",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-verification-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9122",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HiRouter-CD30-10;HiRouter-CT31-10;WS5200-12;WS5281-10;WS5800-10;WS7100-10;WS7200-10",
"version": {
"version_data": [
{
"version_value": "10.0.2.5"
},
{
"version_value": "10.0.2.20"
},
{
"version_value": "10.0.1.9"
},
{
"version_value": "10.0.5.10"
},
{
"version_value": "10.0.3.25"
},
{
"version_value": "10.0.5.21"
},
{
"version_value": "10.0.5.21"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some Huawei products have an insufficient input verification vulnerability. Attackers can exploit this vulnerability in the LAN to cause service abnormal on affected devices.Affected product versions include:HiRouter-CD30-10 version 10.0.2.5;HiRouter-CT31-10 version 10.0.2.20;WS5200-12 version 10.0.1.9;WS5281-10 version 10.0.5.10;WS5800-10 version 10.0.3.25;WS7100-10 version 10.0.5.21;WS7200-10 version 10.0.5.21."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Input Verification"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-verification-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-verification-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9122",
"datePublished": "2020-10-12T13:37:31",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.187Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-10-12 14:15
Modified
2024-11-21 05:40
Severity ?
Summary
Some Huawei products have an insufficient input verification vulnerability. Attackers can exploit this vulnerability in the LAN to cause service abnormal on affected devices.Affected product versions include:HiRouter-CD30-10 version 10.0.2.5;HiRouter-CT31-10 version 10.0.2.20;WS5200-12 version 10.0.1.9;WS5281-10 version 10.0.5.10;WS5800-10 version 10.0.3.25;WS7100-10 version 10.0.5.21;WS7200-10 version 10.0.5.21.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | hirouter-cd30-10_firmware | * | |
| huawei | hirouter-cd30-10 | - | |
| huawei | hirouter-ct31-10_firmware | * | |
| huawei | hirouter-ct31-10 | - | |
| huawei | ws5200-12_firmware | * | |
| huawei | ws5200-12 | - | |
| huawei | ws5281-10_firmware | * | |
| huawei | ws5281-10 | - | |
| huawei | ws5800-10_firmware | * | |
| huawei | ws5800-10 | - | |
| huawei | ws7100-10_firmware | * | |
| huawei | ws7100-10 | - | |
| huawei | ws7200-10_firmware | * | |
| huawei | ws7200-10 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:hirouter-cd30-10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21DAB41B-30DC-4621-9AF0-D60EAB48511B",
"versionEndExcluding": "10.0.5.7",
"versionStartIncluding": "10.0.2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:hirouter-cd30-10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "593BD59F-41AA-4AEB-8F13-43484BE26E1A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:hirouter-ct31-10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86B841D5-A00F-4A94-B90D-3183C33429FB",
"versionEndExcluding": "10.0.2.37",
"versionStartIncluding": "10.0.2.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:hirouter-ct31-10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAD8A7CD-6AF2-4681-9DED-1A225623FC18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ws5200-12_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EACB670B-E1DC-4734-9683-D3A732F61A54",
"versionEndIncluding": "10.0.5.6",
"versionStartIncluding": "10.0.1.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ws5200-12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10DE8454-E98B-4AA4-97A9-61DC3BB0E4B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ws5281-10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6855ED3B-FD30-4A51-B748-68A21DDD183D",
"versionEndExcluding": "10.0.5.32",
"versionStartIncluding": "10.0.5.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ws5281-10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A157FDA-330F-4DF0-AF48-8570B4734D62",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ws5800-10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE6EB21-4CBC-4E98-BC81-05A298941727",
"versionEndExcluding": "10.0.3.33",
"versionStartIncluding": "10.0.3.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ws5800-10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED553DD3-585A-4BD2-9291-B9C09AC6AC40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ws7100-10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F83A176-A2F9-478C-BFA3-1A637095E88B",
"versionEndExcluding": "10.0.5.37",
"versionStartIncluding": "10.0.5.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ws7100-10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "990433C4-F54F-4B50-8972-68F1CF485E1F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ws7200-10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "923DA700-265A-4099-BC3D-E5A44A1D747F",
"versionEndExcluding": "10.0.5.37",
"versionStartIncluding": "10.0.5.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ws7200-10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CC813CE-339B-4DB6-9920-D64D185FDDD9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some Huawei products have an insufficient input verification vulnerability. Attackers can exploit this vulnerability in the LAN to cause service abnormal on affected devices.Affected product versions include:HiRouter-CD30-10 version 10.0.2.5;HiRouter-CT31-10 version 10.0.2.20;WS5200-12 version 10.0.1.9;WS5281-10 version 10.0.5.10;WS5800-10 version 10.0.3.25;WS7100-10 version 10.0.5.21;WS7200-10 version 10.0.5.21."
},
{
"lang": "es",
"value": "Algunos productos Huawei presentan una vulnerabilidad de verificaci\u00f3n de entrada insuficiente.\u0026#xa0;Los atacantes pueden explotar esta vulnerabilidad en la LAN para causar un servicio anormal en los dispositivos afectados. Las versiones de productos afectados incluyen: HiRouter-CD30-10 versi\u00f3n 10.0.2.5; HiRouter-CT31-10 versi\u00f3n 10.0.2.20; WS5200-12 versi\u00f3n 10.0.1.9; WS5281 -10 versi\u00f3n 10.0.5.10; WS5800-10 versi\u00f3n 10.0.3.25; WS7100-10 versi\u00f3n 10.0.5.21; WS7200-10 versi\u00f3n 10.0.5.21"
}
],
"id": "CVE-2020-9122",
"lastModified": "2024-11-21T05:40:05.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-12T14:15:14.387",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-verification-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-verification-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}