Huawei FusionCompute is a computer virtualization engine from Huawei (China). A command injection vulnerability exists in the CMA service of the Huawei FusionCompute product, which provides Virtual Resource Manager (VRM) and Compute Node Agent (CNA). The vulnerability stems from the fact that special characters are not effectively filtered and can be exploited by attackers to perform command injection when processing certificate files in certain scenarios.