Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-5395
HistoryNov 21, 2014 - 3:59 p.m.

CVE-2014-5395

2014-11-2115:59:00
CWE-352
[email protected]
web.nvd.nist.gov
43
cve
csrf
vulnerabilities
huawei
hilink
e3276
e3236
tcpu
webui
e5180s-22
e586bs-2
remote attackers
authentication
hijack
nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.7%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3276 and E3236 TCPU before V200R002B470D13SP00C00 and WebUI before V100R007B100D03SP01C03, E5180s-22 before 21.270.21.00.00, and E586Bs-2 before 21.322.10.00.889 allow remote attackers to hijack the authentication of users for requests that (1) modify configurations, (2) send SMS messages, or have other unspecified impact via unknown vectors.

Affected configurations

NVD
Node
huaweie5180s-22_firmwareRangee5180s-22tcpu-21.270.05.01.00
Node
huaweie3276_firmwareRangewebui-13.100.09.00.03
Node
huaweie3276_firmwareRangee3276s-150tcpu-22.265.03.00.00
Node
huaweie3236_firmwareRangewebui-13.100.10.00.03
Node
huaweie586bs-2_firmwareRangee586bs-2tcpu-21.322.08.00.889
Node
huaweie3236_firmwareRangee3236s-2tcpu-22.146.29.00.00

Related

packetstorm 1
prion 1
cvelist 1
nvd 1
huawei 1
zdt 1
exploitpack 1
checkpoint_advisories 1
exploitdb 1
packetstorm
packetstorm
Huawei E5330 21.210.09.00.158 Cross Site Request Forgery
2019-01-07 00:00:00
prion
prion
Cross site request forgery (csrf)
2014-11-21 15:59:00
cvelist
cvelist
CVE-2014-5395
2014-11-21 15:00:00
nvd
nvd
CVE-2014-5395
2014-11-21 15:59:00
huawei
huawei
Security Advisory-CSRF Vulnerability in Huawei HiLink Products
2014-08-06 00:00:00
zdt
zdt
Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS) Exploit
2019-01-07 00:00:00
exploitpack
exploitpack
Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS)
2019-01-07 00:00:00
checkpoint_advisories
checkpoint_advisories
Huawei Router Authentication Bypass (CVE-2014-5395)
2019-01-08 00:00:00
exploitdb
exploitdb
Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS)
2019-01-07 00:00:00

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.7%

JSON
Related for CVE-2014-5395
packetstorm1prion1cvelist1nvd1huawei1zdt1exploitpack1checkpoint_advisories1exploitdb1