Vulnerability CVE-2016-6158
Published: 2016-09-21

Description:
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei WS331a routers with software before WS331a-10 V100R001C01B112 allow remote attackers to hijack the authentication of administrators for requests that (1) restore factory settings or (2) reboot the device via unspecified vectors.

CVSS2 => (AV:N/AC:H/Au:N/C:N/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.1/10
9.2/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
None
Complete
Complete
Affected software
Huawei -> Ws331a router firmware 

 References:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160907-01-ws331a-en
Copyright 2024, cxsecurity.com

 

Back to Top