CVE-2017-8133

Name of the Vulnerable Software and Affected Versions Huawei iManager NetEco versions V600R008C00 through V600R008C10

Description The issue is related to a command injection vulnerability due to insufficient input validation. An authenticated, remote attacker could exploit this vulnerability to send malicious packets to a target device. Successful exploitation could enable a low privileged user to execute commands that a high privileged user could execute, potentially causing files to be tampered with or deleted.

Recommendations For versions V600R008C00 and V600R008C10, consider restricting access to the system until a patch is available to prevent low privileged users from executing high privileged commands. At the moment, there is no information about a newer version that contains a fix for this vulnerability.