Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Due to insufficient verification of the input, this could be exploited to obtain the management privilege of the system.

Related CVEs

CVE-2018-7903

Key Information

GHSA ID

GHSA-pv88-4pq6-2f76

Published

May 13, 2022 1:53 AM

Last Modified

May 13, 2022 1:53 AM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: August 31, 2025 6:33 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.