Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huaweiHuawei TechnologiesHUAWEI-SA-20140806-01-HILINK
HistoryAug 06, 2014 - 12:00 a.m.

Security Advisory-CSRF Vulnerability in Huawei HiLink Products

2014-08-0600:00:00
Huawei Technologies
www.huawei.com
13

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.003

Percentile

71.6%

JSON

Several Huawei HiLink products have the CSRF Vulnerability. When users use these devices to visit websites that contain malicious scripts, the malicious scripts can exploit the vulnerability to change the configurations or use the functions of products. (Vulnerability ID: HWPSIRT-2014-0243)

This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2014-5395.

Affected configurations

Vulners
Node
huaweie3276_firmwareMatche3276s-150tcpu-22.265.03.00.00
OR
huaweie3276_firmwareMatchwebui-13.100.09.00.03
OR
huaweie3236_firmwareMatche3236s-2tcpu-22.146.29.00.00
OR
huaweie3236_firmwareMatchwebui-13.100.10.00.03
OR
huaweie5180s-22_firmwareMatche5180s-22tcpu-21.270.05.01.00
OR
huaweie586bs-2_firmwareMatche586bs-2tcpu-21.322.08.00.889
VendorProductVersionCPE
huaweie3276_firmwaree3276s-150tcpu-22.265.03.00.00cpe:2.3:o:huawei:e3276_firmware:e3276s-150tcpu-22.265.03.00.00:*:*:*:*:*:*:*
huaweie3276_firmwarewebui-13.100.09.00.03cpe:2.3:o:huawei:e3276_firmware:webui-13.100.09.00.03:*:*:*:*:*:*:*
huaweie3236_firmwaree3236s-2tcpu-22.146.29.00.00cpe:2.3:o:huawei:e3236_firmware:e3236s-2tcpu-22.146.29.00.00:*:*:*:*:*:*:*
huaweie3236_firmwarewebui-13.100.10.00.03cpe:2.3:o:huawei:e3236_firmware:webui-13.100.10.00.03:*:*:*:*:*:*:*
huaweie5180s-22_firmwaree5180s-22tcpu-21.270.05.01.00cpe:2.3:o:huawei:e5180s-22_firmware:e5180s-22tcpu-21.270.05.01.00:*:*:*:*:*:*:*
huaweie586bs-2_firmwaree586bs-2tcpu-21.322.08.00.889cpe:2.3:o:huawei:e586bs-2_firmware:e586bs-2tcpu-21.322.08.00.889:*:*:*:*:*:*:*

Related

exploitdb 1
packetstorm 1
prion 1
cvelist 1
nvd 1
cve 1
zdt 1
exploitpack 1
checkpoint_advisories 1
exploitdb
exploitdb
Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS)
2019-01-07 00:00:00
packetstorm
packetstorm
Huawei E5330 21.210.09.00.158 Cross Site Request Forgery
2019-01-07 00:00:00
prion
prion
Cross site request forgery (csrf)
2014-11-21 15:59:00
cvelist
cvelist
CVE-2014-5395
2014-11-21 15:00:00
nvd
nvd
CVE-2014-5395
2014-11-21 15:59:00
cve
cve
CVE-2014-5395
2014-11-21 15:59:00
zdt
zdt
Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS) Exploit
2019-01-07 00:00:00
exploitpack
exploitpack
Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS)
2019-01-07 00:00:00
checkpoint_advisories
checkpoint_advisories
Huawei Router Authentication Bypass (CVE-2014-5395)
2019-01-08 00:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.003

Percentile

71.6%

JSON
Related for HUAWEI-SA-20140806-01-HILINK
exploitdb1packetstorm1prion1cvelist1nvd1cve1zdt1exploitpack1checkpoint_advisories1