Lucene search
K

4 matches found

Saint
Saint
added 2018/01/02 12:0 a.m.554 views

Huawei UPnP DeviceUpgrade command injection

Added: 01/02/2018 BID: 102344 Background Huawei home routers support the DeviceUpgrade service type over the Universal Plug and Play UPnP protocol to facilitate upgrading of firmware. Problem A remote authenticated attacker can execute arbitrary commands injected into the NewStatusURL XML element...

7.6AI score
Exploits0
Saint
Saint
added 2018/01/02 12:0 a.m.21 views

Huawei UPnP DeviceUpgrade command injection

Added: 01/02/2018 BID: 102344 Background Huawei home routers support the DeviceUpgrade service type over the Universal Plug and Play UPnP protocol to facilitate upgrading of firmware. Problem A remote authenticated attacker can execute arbitrary commands injected into the NewStatusURL XML element...

8AI score
Exploits0
Saint
Saint
added 2018/01/02 12:0 a.m.552 views

Huawei UPnP DeviceUpgrade command injection

Added: 01/02/2018 BID: 102344 Background Huawei home routers support the DeviceUpgrade service type over the Universal Plug and Play UPnP protocol to facilitate upgrading of firmware. Problem A remote authenticated attacker can execute arbitrary commands injected into the NewStatusURL XML element...

8AI score
Exploits0
ThreatPost
ThreatPost
added 2017/12/28 2:1 p.m.368 views

Code Used in Zero Day Huawei Router Attack Made Public

Exploit code used in the Mirai malware variant called Satori, which was used to attack hundreds of thousands of Huawei routers over the past several weeks, is now public. Researchers warn the code will quickly become a commodity and be leveraged in DDoS attacks via botnets such as Reaper or...

10CVSS10AI score0.99975EPSS
Exploits8References5
Rows per page
Query Builder