Command Injection Vulnerability in Huawei S-Series Switches (V200R019C00SPC500)

Command Injection Vulnerability in Huawei S-Series Switches (V200R019C00SPC500)

CVE-2021-22377 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service.

Learn more about our Web Application Penetration Testing UK.