Imanager Neteco 6000
CVE-2020-9200
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. An attacker with common privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device.
AnalysisAI
There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-1236. There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. An attacker with common privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device. Affected products include: Huawei Imanager Neteco 6000.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Imanager Neteco 6000
View allA buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that t
There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. Rated medium severity (CV
There is an information leak vulnerability in iManager NetEco 6000 versions V600R021C00. Rated medium severity (CVSS 6.5
Same technique Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today