CVE-2017-15328

2017-12-2217:00:00

huawei

www.cve.org

0.002 Low

EPSS

Percentile

53.6%

JSON

Huawei HG8245H version earlier than V300R018C00SPC110 has an authentication bypass vulnerability. An attacker can access a specific URL of the affect product. Due to improper verification of the privilege, successful exploitation may cause information leak.

CNA Affected

[
  {
    "product": "HG8245H",
    "vendor": "Huawei Technologies Co., Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "Earlier than EchoLife HG8245H V300R018C00SPC110"
      }
    ]
  }
]

References

support.huawei.com/carrier/docview%21docview?nid=DOC1000441394&path=PBI1-7275726/PBI1-7275742/PBI1-7912539/PBI1-22318696/PBI1-8952133/PBI1-8957546/PBI1-22412232/PBI1-22412234/PBI1-22807623

hacked0x90.wordpress.com/2017/11/30/hg8245h-authentication-bypass/

0.002 Low

EPSS

Percentile

53.6%

JSON

Related for CVELIST:CVE-2017-15328