CVE-2015-2252
Huawei OceanStor UDS devices prior to V100R002C01SPC102 are affected by CVE-2015-2252 where an attacker can inject shell scripts into UDS patches and execute them with root privileges via a crafted patch. CNVD-2017-22533 confirms a remote code injection vector in UDS V100R002C01SPC101 and earlier...