CVE-2020-9075
MEDIUMHuawei Secospace USG6300/USG6300E/USG6600 - Information Disclosure via Insufficient Input Verification
Title source: llmDescription
Huawei products Secospace USG6300;USG6300E with versions of V500R001C30,V500R001C50,V500R001C60,V500R001C80,V500R005C00,V500R005C10;V600R006C00 have a vulnerability of insufficient input verification. An attacker with limited privilege can exploit this vulnerability to access a specific directory. Successful exploitation of this vulnerability may lead to information leakage.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-validation-en
Scores
CVSS v3
6.5
EPSS
0.0015
EPSS Percentile
35.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-20
Status
published
Products (7)
huawei/secospace_usg6300_firmware
v500r005c00
huawei/secospace_usg6300_firmware
v500r005c10
huawei/secospace_usg6600_firmware
v500r001c30
huawei/secospace_usg6600_firmware
v500r001c50
huawei/secospace_usg6600_firmware
v500r001c60
huawei/secospace_usg6600_firmware
v500r001c80
huawei/usg6300e_firmware
v600r006c00
Published
Jun 15, 2020
Tracked Since
Feb 18, 2026