VYPR
High severity8.8NVD Advisory· Published Jun 1, 2018· Updated Jun 17, 2026

CVE-2018-7950

CVE-2018-7950

Description

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Successful exploit may allow attackers to obtain the management privilege of the system.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Huawei/iBMCllm-fuzzy
  • Huawei Technologies Co., Ltd./1288H V5; 2288H V5; 2488 V5 ; CH121 V3; CH121L V3; CH121L V5 ; CH121 V5 ; CH140 V3; CH140L V3; CH220 V3; CH222 V3; CH242 V3; CH242 V5 ; RH1288 V3; RH2288 V3; RH2288H V3; XH310 V3; XH321 V3; XH321 V5; XH620 V3v5
    Range: 1288H V5 V100R005C00

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.