CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
71.6%
Several Huawei HiLink products have the CSRF Vulnerability. When users use these devices to visit websites that contain malicious scripts, the malicious scripts can exploit the vulnerability to change the configurations or use the functions of products. (Vulnerability ID: HWPSIRT-2014-0243)
This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2014-5395.
Vendor | Product | Version | CPE |
---|---|---|---|
huawei | e3276_firmware | e3276s-150tcpu-22.265.03.00.00 | cpe:2.3:o:huawei:e3276_firmware:e3276s-150tcpu-22.265.03.00.00:*:*:*:*:*:*:* |
huawei | e3276_firmware | webui-13.100.09.00.03 | cpe:2.3:o:huawei:e3276_firmware:webui-13.100.09.00.03:*:*:*:*:*:*:* |
huawei | e3236_firmware | e3236s-2tcpu-22.146.29.00.00 | cpe:2.3:o:huawei:e3236_firmware:e3236s-2tcpu-22.146.29.00.00:*:*:*:*:*:*:* |
huawei | e3236_firmware | webui-13.100.10.00.03 | cpe:2.3:o:huawei:e3236_firmware:webui-13.100.10.00.03:*:*:*:*:*:*:* |
huawei | e5180s-22_firmware | e5180s-22tcpu-21.270.05.01.00 | cpe:2.3:o:huawei:e5180s-22_firmware:e5180s-22tcpu-21.270.05.01.00:*:*:*:*:*:*:* |
huawei | e586bs-2_firmware | e586bs-2tcpu-21.322.08.00.889 | cpe:2.3:o:huawei:e586bs-2_firmware:e586bs-2tcpu-21.322.08.00.889:*:*:*:*:*:*:* |