← Retour aux CVEs
CVE-2019-5268
HIGH8.1
Description
Some Huawei home routers have an input validation vulnerability. Due to input parameter is not correctly verified, an attacker can exploit this vulnerability by sending special constructed packets to obtain files in the device and upload files to some directories.
Details CVE
Score CVSS v3.18.1
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Vecteur d'attaqueADJACENT_NETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie11/29/2019
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
huawei:cd10-10huawei:cd10-10_firmwarehuawei:cd16-10huawei:cd16-10_firmwarehuawei:cd17-10huawei:cd17-10_firmwarehuawei:cd18-10huawei:cd18-10_firmwarehuawei:hirouter-cd15-10huawei:hirouter-cd15-10_firmwarehuawei:hirouter-cd20-10huawei:hirouter-cd20-10_firmwarehuawei:hirouter-cd21-16huawei:hirouter-cd21-16_firmwarehuawei:hirouter-cd30-10huawei:hirouter-cd30-10_firmwarehuawei:hirouter-cd30-11huawei:hirouter-cd30-11_firmwarehuawei:hirouter-h1-10huawei:hirouter-h1-10_firmwarehuawei:tc5200-10huawei:tc5200-10_firmwarehuawei:ws5100-10huawei:ws5100-10_firmwarehuawei:ws5102-10huawei:ws5102-10_firmwarehuawei:ws5106-10huawei:ws5106-10_firmwarehuawei:ws5108-10huawei:ws5108-10_firmwarehuawei:ws5200-10huawei:ws5200-10_firmwarehuawei:ws5200-11huawei:ws5200-11_firmwarehuawei:ws5280-10huawei:ws5280-10_firmwarehuawei:ws5280-11huawei:ws5280-11_firmwarehuawei:ws6500-10huawei:ws6500-10_firmwarehuawei:ws6500-11huawei:ws6500-11_firmwarehuawei:ws826-10huawei:ws826-10_firmware
Faiblesses (CWE)
CWE-20
References
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en(psirt@huawei.com)
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.