CVE-2020-1789

Name of the Vulnerable Software and Affected Versions Huawei OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3)

Description The issue is related to insufficient authentication in the software, which does not require a strong credential for certain operations. This could allow an attacker to pass authentication using a weak credential and perform specific actions.

Recommendations For version 1.0.1.21(SP3), consider implementing strong credential requirements for all operations to mitigate the risk of exploitation. As a temporary workaround, restrict access to sensitive operations that can be performed with weak credentials until a fix is available.