CVE-2021-37028

2021-08-1315:52:38

huawei

www.cve.org

command injection

hg8045q

administrator privilege

EPSS

Percentile

13.1%

JSON

There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of commands.

CNA Affected

[
  {
    "product": "EchoLife HG8045Q",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "V300R016C00,V300R018C10"
      }
    ]
  }
]

References

jvn.jp/en/jp/JVN41646618/index.html

support.huawei.com/carrier/navi?coltype=software#col=software&from=product&detailId=PBI1-252279599&path=PBI1-252301455/PBI1-252303293/PBI1-23709862/PBI1-22318696/PBI1-21457383

EPSS

Percentile

13.1%

JSON

Related for CVELIST:CVE-2021-37028