VYPR
Critical severity9.8NVD Advisory· Published Nov 22, 2017· Updated Jun 17, 2026

CVE-2017-2738

CVE-2017-2738

Description

VCM5010 with software versions earlier before V100R002C50SPC100 has an authentication bypass vulnerability. This is due to improper implementation of authentication for accessing web pages. An unauthenticated attacker could bypass the authentication by sending a crafted HTTP request. 5010 with software versions earlier before V100R002C50SPC100 has an arbitrary file upload vulnerability. The software does not validate the files that uploaded. An authenticated attacker could upload arbitrary files to the system.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:o:huawei:vcm5010_firmware:*:*:*:*:*:*:*:*
    Range: <v100r002c50spc100
  • Huawei Technologies Co., Ltd./VCM5010v5
    Range: Versions earlier before V100R002C50SPC100

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.