CVE-2020-1864

Name of the Vulnerable Software and Affected Versions Secospace AntiDDoS8000 versions V500R001C00 through V500R005C00

Description The issue is related to improper authentication in some Huawei products, allowing a remote attacker to execute arbitrary commands by forging the peer device and sending specific packets to the affected device. This is due to the improper implementation of the authentication function.

Recommendations For Secospace AntiDDoS8000 versions V500R001C00 through V500R005C00, consider disabling the authentication function temporarily until a patch is available. Restrict access to the affected devices to minimize the risk of exploitation. Avoid using the vulnerable authentication mechanism in the affected product versions until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.