Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huaweiHuawei TechnologiesHUAWEI-SA-20141114-01-WS860S
HistoryNov 14, 2014 - 12:00 a.m.

Security Advisory-File Upload Vulnerability on Huawei Honor Cube Wireless Router WS860s

2014-11-1400:00:00
Huawei Technologies
www.huawei.com
14

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

82.4%

JSON

Huawei Honor Cube wireless router WS860s supports the file upload function. It allows users to access its files through the web page. As the device is unable to verify every type of file to be uploaded and does not strictly restrict the file access path through the web page, attackers may upload malicious files to the device and execute them, resulting in information leaks and file tampering (Vulnerability ID: HWPSIRT-2014-0946).

This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2014-9134

Affected configurations

Vulners
Node
huaweiws860sRange<V100R001C02B219
CPENameOperatorVersion
ws860sltV100R001C02B219

Related

cve 1
nvd 1
prion 1
cvelist 1
cve
cve
CVE-2014-9134
2014-12-03 21:59:01
nvd
nvd
CVE-2014-9134
2014-12-03 21:59:01
prion
prion
Unrestricted file upload
2014-12-03 21:59:00
cvelist
cvelist
CVE-2014-9134
2014-12-03 21:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

82.4%

JSON
Related for HUAWEI-SA-20141114-01-WS860S
cve1nvd1prion1cvelist1