VCM5010 with software versions earlier before V100R002C50SPC100 has a command injection vulnerability. This is due to insufficient validation of userβs input. An authenticated attacker could launch a command injection attack.
[
{
"product": "VCM5010",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Versions earlier before V100R002C50SPC100"
}
]
}
]