CVE-2017-15313
HIGHHuawei SmartCare V200R003C10 - Authenticated CSV Injection
Title source: llmDescription
Huawei SmartCare V200R003C10 has a CSV injection vulnerability. An remote authenticated attacker could inject malicious CSV expression to the affected device.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-notices/huawei-sn-20171201-01-smartcare-en
Scores
CVSS v3
8.8
EPSS
0.0018
EPSS Percentile
39.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-74
Status
published
Products (2)
huawei/smartcare
v200r003c10
Huawei Technologies Co., Ltd./SmartCare
V200R003C10
Published
Dec 22, 2017
Tracked Since
Feb 18, 2026