CVE-2020-9122: Input Validation
First published: Mon Oct 12 2020(Updated: )
Some Huawei products have an insufficient input verification vulnerability. Attackers can exploit this vulnerability in the LAN to cause service abnormal on affected devices.Affected product versions include:HiRouter-CD30-10 version 10.0.2.5;HiRouter-CT31-10 version 10.0.2.20;WS5200-12 version 10.0.1.9;WS5281-10 version 10.0.5.10;WS5800-10 version 10.0.3.25;WS7100-10 version 10.0.5.21;WS7200-10 version 10.0.5.21.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Hirouter-cd30-10 Firmware | >=10.0.2.5<10.0.5.7 | |
| Huawei Hirouter-cd30-10 | ||
| Huawei Hirouter-ct31-10 Firmware | >=10.0.2.20<10.0.2.37 | |
| Huawei Hirouter-ct31-10 | ||
| Huawei Ws5200-12 Firmware | >=10.0.1.9<=10.0.5.6 | |
| Huawei Ws5200-12 | ||
| Huawei Ws5281-10 Firmware | >=10.0.5.10<10.0.5.32 | |
| Huawei Ws5281-10 | ||
| Huawei Ws5800-10 Firmware | >=10.0.3.25<10.0.3.33 | |
| Huawei Ws5800-10 | ||
| Huawei Ws7100-10 Firmware | >=10.0.5.21<10.0.5.37 | |
| Huawei Ws7100-10 | ||
| Huawei Ws7200-10 Firmware | >=10.0.5.21<10.0.5.37 | |
| Huawei Ws7200-10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-9122?
CVE-2020-9122 is a vulnerability found in some Huawei products that allows attackers to cause service abnormality through an insufficient input verification vulnerability in the LAN.
Which Huawei products are affected by CVE-2020-9122?
The affected products include Huawei HiRouter-CD30-10 version 10.0.2.5, Huawei HiRouter-CT31-10 version 10.0.2.20, and Huawei WS5200-12 version 10.0.1.9 to version 10.0.5.6.
How severe is CVE-2020-9122?
CVE-2020-9122 has a severity score of 6.5, categorized as medium severity.
How can attackers exploit CVE-2020-9122?
Attackers can exploit CVE-2020-9122 by taking advantage of the insufficient input verification in the LAN of affected Huawei products to disrupt the normal operation of the services.
Where can I find more information about CVE-2020-9122?
You can find more information about CVE-2020-9122 on Huawei's official website in their security advisory: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-verification-en
- collector/nvd-index
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei hirouter-cd30-10 firmware
- version/huawei hirouter-cd30-10 firmware/10.0.2.5
- canonical/huawei hirouter-cd30-10
- canonical/huawei hirouter-ct31-10 firmware
- version/huawei hirouter-ct31-10 firmware/10.0.2.20
- canonical/huawei hirouter-ct31-10
- canonical/huawei ws5200-12 firmware
- version/huawei ws5200-12 firmware/10.0.1.9
- version/huawei ws5200-12 firmware/10.0.5.6
- canonical/huawei ws5200-12
- canonical/huawei ws5281-10 firmware
- version/huawei ws5281-10 firmware/10.0.5.10
- canonical/huawei ws5281-10
- canonical/huawei ws5800-10 firmware
- version/huawei ws5800-10 firmware/10.0.3.25
- canonical/huawei ws5800-10
- canonical/huawei ws7100-10 firmware
- version/huawei ws7100-10 firmware/10.0.5.21
- canonical/huawei ws7100-10
- canonical/huawei ws7200-10 firmware
- version/huawei ws7200-10 firmware/10.0.5.21
- canonical/huawei ws7200-10