Huawei E587 3G Mobile Hotspot Command Injection

2013-07-15T00:00:00
ID PACKETSTORM:122408
Type packetstorm
Reporter Frederic Basse
Modified 2013-07-15T00:00:00

Description

                                        
                                            `  
[CVE-2013-2612] Huawei E587 3G Mobile Hotspot Command Injection  
________________________________________________________________________  
Summary:  
Huawei E587 3G Mobile Hotspot, version 11.203.27, is prone to a command  
injection vulnerability in the Web UI.  
  
Successful exploitation allows unauthenticated attackers to execute  
arbitrary commands with root privileges.  
________________________________________________________________________  
Details:  
The HTTP endpoint "/api/device/time" in the Web UI is vulnerable to shell  
command injection. This allows code execution with root privileges.  
________________________________________________________________________  
CVSS Version 2 Metrics:  
Access Vector: Network exploitable  
Access Complexity: Low  
Authentication: Not required to exploit  
Confidentiality Impact: Complete  
Integrity Impact: Complete  
Availability Impact: Complete  
________________________________________________________________________  
Disclosure Timeline:  
2013-03-18 Vendor notified  
2013-03-18 CVE-2013-2612 assigned  
2013-07-15 Public advisory  
________________________________________________________________________  
References:  
http://www.huawei.com/en/security/psirt/  
________________________________________________________________________  
Frédéric Basse  
`