CVE-2018-7904
Huawei 1288H V5 / 288H V5 (software V100R005C00) expose a JSON injection vulnerability (CVE-2018-7904) in the iBMC server component due to insufficient input validation. An authenticated, remote attacker can inject JSON to modify the administrator password, enabling management privileges on the s...