Huawei FusionCompute is a computer virtualization engine from Huawei (China). The product provides Virtual Resource Manager (VRM) and Compute Node Agent (CNA), etc. A command injection vulnerability exists in the Huawei FusionCompute product, which stems from incorrect input validation in the CMA service module when processing default certificate files. An attacker could exploit this vulnerability to execute arbitrary commands on the target system by passing carefully constructed data to the application.