CVE-2020-9122

MEDIUM

Huawei HiRouter and WS Series Firmware - Denial of Service via LAN Input Validation

Title source: llm
STIX 2.1

Description

Some Huawei products have an insufficient input verification vulnerability. Attackers can exploit this vulnerability in the LAN to cause service abnormal on affected devices.Affected product versions include:HiRouter-CD30-10 version 10.0.2.5;HiRouter-CT31-10 version 10.0.2.20;WS5200-12 version 10.0.1.9;WS5281-10 version 10.0.5.10;WS5800-10 version 10.0.3.25;WS7100-10 version 10.0.5.21;WS7200-10 version 10.0.5.21.

References (1)

Core 1

Scores

CVSS v3 6.5
EPSS 0.0005
EPSS Percentile 15.6%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (7)
huawei/hirouter-cd30-10_firmware 10.0.2.5 - 10.0.5.7
huawei/hirouter-ct31-10_firmware 10.0.2.20 - 10.0.2.37
huawei/ws5200-12_firmware 10.0.1.9 - 10.0.5.6
huawei/ws5281-10_firmware 10.0.5.10 - 10.0.5.32
huawei/ws5800-10_firmware 10.0.3.25 - 10.0.3.33
huawei/ws7100-10_firmware 10.0.5.21 - 10.0.5.37
huawei/ws7200-10_firmware 10.0.5.21 - 10.0.5.37
Published Oct 12, 2020
Tracked Since Feb 18, 2026