Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
na/

FusionCompute

8 Versions 15 CVEs

Versions

6.3.0,6.3.1,6.5.0,6.5.1,8.0.0

OTHER 1 CVE

V100R005C00,V100R005C10

OTHER 1 CVE

6.5.1

SEMANTIC 1 CVE

6.0.0,6.3.0,6.3.1,6.5.0,6.5.1,8.0.0

OTHER 1 CVE

6.3.0,6.3.1,6.5.0,8.0.0

OTHER 1 CVE

6.5.0,6.5.1,8.0.0

OTHER 1 CVE

6.5.1,8.0.0

OTHER 1 CVE

8.0.0

SEMANTIC 9 CVEs

Recent CVEs

CVE-2021-37102

There is a command injection vulnerability in CMA service module of FusionCompute product when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands to the system. Affected product versions include: FusionCompute 6.0.0, 6.3.0, 6.3.1, 6.5.0, 6.5.1, 8.0.0.

UNKNOWN Nov 23, 2021

CVE-2021-37036

There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and V100R005C10. Due to the improperly storage of specific information in the log file, the attacker can obtain the information when a user logs in to the device. Successful exploit may cause the information leak.

UNKNOWN Nov 23, 2021

CVE-2021-37105

There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the service abnormal.

UNKNOWN Sep 28, 2021

CVE-2021-37106

There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0.0 when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands to the system.

UNKNOWN Sep 28, 2021

CVE-2020-9128

FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with high permissions can exploit this vulnerability to cause information leak.

UNKNOWN Nov 12, 2020

CVE-2020-9246

FusionCompute 8.0.0 has an information leak vulnerability. A module does not launch strict access control and information protection. Attackers with low privilege can get some extra information. This can lead to information leak.

UNKNOWN Aug 21, 2020

CVE-2020-9233

FusionCompute 8.0.0 have an insufficient authentication vulnerability. An attacker may exploit the vulnerability to delete some files and cause some services abnormal.

UNKNOWN Aug 17, 2020

CVE-2020-9242

FusionCompute 8.0.0 have a command injection vulnerability. The software does not sufficiently validate certain parameters post from user, successful exploit could allow an authenticated attacker to launch a command injection attack.

UNKNOWN Aug 17, 2020

CVE-2020-9229

FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information.

UNKNOWN Aug 14, 2020

CVE-2020-9228

FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information.

UNKNOWN Aug 14, 2020