Security Notice - Statement About the Remote Command Execution Vulnerability in a Huawei Server Caused by Improper Configurations Disclosed by WooYun

Corporativo Brasil [alterar]

Back to Main Menu

Huawei Websites

Corporativo: Sobre a Huawei, Imprensa e Eventos e mais

Pessoal: Celulares, Computadores e Tablets, utensílios e mais

Enterprise: Produtos, soluções e serviços para empresas

Carrier: Produtos, soluções e serviços para operadoras

Huawei Cloud: Produtos e soluções baseados nos serviços da Huawei Cloud

Select a Country or Region

Security Notice - Statement About the Remote Command Execution Vulnerability in a Huawei Server Caused by Improper Configurations Disclosed by WooYun

Initial Release Date: 2015-07-30

Last Release Date: 2015-12-15

Summary

Huawei has noticed that WooYun disclosed a remote command execution vulnerability in Huawei server caused by improper configurations and launched investigation and analysis.

According to the completed investigation, the vulnerability exists in the BPO service software of Huawei eCloud CC solution. Huawei has already assisted customers in fixing this vulnerability.

Revision History

2015-12-15 FINAL
2015-07-30 INITIAL

Huawei Security Procedures

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism. Please report to Huawei PSIRT at psirt@huawei.com if you find any security vulnerability of Huawei products.

The link of the disclosed information is as follows:

http://www.wooyun.org/bugs/wooyun-2010-0119756

Select a Country or Region

SEARCH HISTORY

Security Notice - Statement About the Remote Command Execution Vulnerability in a Huawei Server Caused by Improper Configurations Disclosed by WooYun