Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistHuaweiCVELIST:CVE-2018-7937
HistorySep 04, 2018 - 4:00 p.m.

CVE-2018-7937

2018-09-0416:00:00
huawei
www.cve.org

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.6%

JSON

In Huawei HiRouter-CD20-10 with the versions before 1.9.6 and WS5200-10 with the versions before 1.9.6, there is a plug-in signature bypass vulnerability due to insufficient plug-in verification. An attacker may tamper with a legitimate plug-in to build a malicious plug-in and trick users into installing it. Successful exploit could allow the attacker to obtain the root permission of the device and take full control over the device.

CNA Affected

[
  {
    "product": "HiRouter-CD20, WS5200-10",
    "vendor": "Huawei Technologies Co., Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "The versions before HiRouter-CD20-10 1.9.6, The versions before WS5200-10 1.9.6"
      }
    ]
  }
]

Related

prion 1
nvd 1
huawei 1
cve 1
prion
prion
Security feature bypass
2018-09-04 16:29:00
nvd
nvd
CVE-2018-7937
2018-09-04 16:29:00
huawei
huawei
Security Advisory - Plug-in Signature Bypass Vulnerability in Some Huawei Products
2018-08-27 00:00:00
cve
cve
CVE-2018-7937
2018-09-04 16:29:00

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.6%

JSON
Related for CVELIST:CVE-2018-7937
prion1nvd1huawei1cve1