VCM5010 with software versions earlier before V100R002C50SPC100 has a command injection vulnerability. This is due to insufficient validation of user’s input. An authenticated attacker could launch a command injection attack.
CPE | Name | Operator | Version |
---|---|---|---|
vcm5010_firmware | eq | < v100r2c50spc100 |