CVE-2020-9068
CRITICALHuawei AR3200 Firmware V200R007/009 - Improper Authentication
Title source: llmDescription
Huawei AR3200 products with versions of V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V200R007C00SPCc00, V200R009C00SPC500 have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-01-authentication-en
Scores
CVSS v3
9.8
EPSS
0.0016
EPSS Percentile
36.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-287
Status
published
Products (5)
huawei/ar3200_firmware
v200r007c00spc900
huawei/ar3200_firmware
v200r007c00spca00
huawei/ar3200_firmware
v200r007c00spcb00
huawei/ar3200_firmware
v200r007c00spcc00
huawei/ar3200_firmware
v200r009c00spc500
Published
Apr 27, 2020
Tracked Since
Feb 18, 2026