HIGH🇵🇱 Wersja polska

CVE-2014-9690

CVSS 7.5v3.0pub. 2017-04-02upd. 2026-05-13

Huawei home gateways WS318 with software V100R001C01B022 and earlier versions are affected by the PIN offline brute force cracking vulnerability of the WPS protocol because the random number generator (RNG) used in the supplier's solution is not random enough. As a result, brute force cracking the PIN code is easier. After an attacker cracks the PIN, the attacker can access the Internet via the cracked device.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Huawei Ws318

    HW
    Huawei
    wszystkie wersje
  • Huawei Ws318 Firmware

    OS
    Huawei
    ≤ v100r001c01b022
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2019-0708CRITICAL9.8⚠ KEVten sam vendor

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services wh...

CVE-2026-34865CRITICAL10.0PL ✓ten sam vendor

HarmonyOS: przepełnienie bufora sterty (heap buffer overflow) w module WEB

CVE-2026-28536CRITICAL9.6PL ✓ten sam vendor

Pominięcie uwierzytelnienia w module autoryzacji urządzeń Huawei HarmonyOS

CVE-2025-64314CRITICAL9.3PL ✓ten sam vendor

Błąd kontroli uprawnień w module zarządzania pamięcią Huawei HarmonyOS

CVE-2022-32203CRITICAL9.8PL ✓ten sam vendor

Command injection w drukarkach Huawei CV81-WDM — eskalacja do najwyższych uprawnień