CVE-2017-2737

VCM5010 with software versions earlier before V100R002C50SPC100 has an arbitrary file upload vulnerability. The software does not validate the files that uploaded. An authenticated attacker could upload arbitrary files to the system.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:vcm5010_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:vcm5010:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-11-22 19:29

Updated : 2023-12-10 12:15


NVD link : CVE-2017-2737

Mitre link : CVE-2017-2737

CVE.ORG link : CVE-2017-2737


JSON object : View

Products Affected

huawei

  • vcm5010_firmware
  • vcm5010
CWE
CWE-434

Unrestricted Upload of File with Dangerous Type