In Huawei HiRouter-CD20-10 with the versions before 1.9.6 and WS5200-10 with the versions before 1.9.6, there is a plug-in signature bypass vulnerability due to insufficient plug-in verification. An attacker may tamper with a legitimate plug-in to build a malicious plug-in and trick users into installing it. Successful exploit could allow the attacker to obtain the root permission of the device and take full control over the device.
oryginał ENCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HHuawei Hirouter Cd20
HWHuaweiwszystkie wersjeHuawei Hirouter Cd20 Firmware
OSHuawei< hirouter-cd20-10_1.9.6Huawei Ws5200 10
HWHuaweiwszystkie wersjeHuawei Ws5200 10 Firmware
OSHuawei< ws5200-10_1.9.6
Powiązane podatności
Some Huawei home routers have an input validation vulnerability. Due to input parameter is not correctly verif...
Some Huawei home routers have an improper authorization vulnerability. Due to improper authorization of certai...
Huawei home gateway products HiRouter-CD20 and WS5200 with the versions before HiRouter-CD20-10 1.9.6 and the ...
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services wh...
HarmonyOS: przepełnienie bufora sterty (heap buffer overflow) w module WEB