EUVD-2018-19649

Malware in sbrugna...

Input validation error vulnerability in multiple Huawei products (CNVD-2020-68353)

Huawei HiRouter-CD30-10 and others are a wireless router from Huawei China. An input validation error vulnerability exists in multiple Huawei products. An attacker could use this vulnerability to cause service anomalies on affected devices within a local area network LAN...

CVE-2020-9122

Some Huawei products have an insufficient input verification vulnerability. Attackers can exploit this vulnerability in the LAN to cause service abnormal on affected devices.Affected product versions include:HiRouter-CD30-10 version 10.0.2.5;HiRouter-CT31-10 version 10.0.2.20;WS5200-12 version...

CVE-2020-9122

Some Huawei products have an insufficient input verification vulnerability. Attackers can exploit this vulnerability in the LAN to cause service abnormal on affected devices.Affected product versions include:HiRouter-CD30-10 version 10.0.2.5;HiRouter-CT31-10 version 10.0.2.20;WS5200-12 version...

Multiple Huawei Products Input Validation Error Vulnerability

The Huawei HiRouter-CD15-10, among others, is a wireless router from the Chinese company Huawei Huawei. An input validation error vulnerability exists in multiple Huawei products, which can be exploited by an attacker to obtain files on the device and upload files to certain directories by sendin...

Multiple Huawei Products Improperly Licensed Vulnerability

The Huawei HiRouter-CD15-10, among others, is a wireless router from the Chinese company Huawei Huawei. An improper authorization vulnerability exists in multiple Huawei products, which can be exploited by attackers to execute uploaded malicious files and elevate privileges...

CVE-2018-7937

In Huawei HiRouter-CD20-10 with the versions before 1.9.6 and WS5200-10 with the versions before 1.9.6, there is a plug-in signature bypass vulnerability due to insufficient plug-in verification. An attacker may tamper with a legitimate plug-in to build a malicious plug-in and trick users into...

CVE-2018-7937

In Huawei HiRouter-CD20-10 with the versions before 1.9.6 and WS5200-10 with the versions before 1.9.6, there is a plug-in signature bypass vulnerability due to insufficient plug-in verification. An attacker may tamper with a legitimate plug-in to build a malicious plug-in and trick users into...

Security feature bypass

In Huawei HiRouter-CD20-10 with the versions before 1.9.6 and WS5200-10 with the versions before 1.9.6, there is a plug-in signature bypass vulnerability due to insufficient plug-in verification. An attacker may tamper with a legitimate plug-in to build a malicious plug-in and trick users into...

CVE-2018-7937

Affected products are Huawei HiRouter-CD20-10 and WS5200-10, with versions before 1.9.6. The issue is a plug-in signature bypass caused by insufficient plug-in verification, enabling an attacker to tamper with a legitimate plug-in to install a malicious one. Successful exploit could grant root ac...

CVE-2018-7937

In Huawei HiRouter-CD20-10 with the versions before 1.9.6 and WS5200-10 with the versions before 1.9.6, there is a plug-in signature bypass vulnerability due to insufficient plug-in verification. An attacker may tamper with a legitimate plug-in to build a malicious plug-in and trick users into...

Plug-in Signature Bypass Vulnerability in Multiple Huawei Products

Huawei HiRouter-CD20 and WS5200-10 are both home router products released by Huawei China. A plug-in signature bypass security vulnerability exists in several Huawei products. An attacker can build a malicious plug-in by tampering with a legitimate plug-in. When the attacker induces the user to...

CVE-2018-7933

Huawei home gateway products HiRouter-CD20 and WS5200 with the versions before HiRouter-CD20-10 1.9.6 and the versions before WS5200-10 1.9.6 have a path traversal vulnerability. Due to the lack of validation while these home gateway products install APK plugins, an attacker tricks a user into...

Path traversal

Huawei home gateway products HiRouter-CD20 and WS5200 with the versions before HiRouter-CD20-10 1.9.6 and the versions before WS5200-10 1.9.6 have a path traversal vulnerability. Due to the lack of validation while these home gateway products install APK plugins, an attacker tricks a user into...

CVE-2018-7933

Huawei home gateway products HiRouter-CD20 and WS5200 with the versions before HiRouter-CD20-10 1.9.6 and the versions before WS5200-10 1.9.6 have a path traversal vulnerability. Due to the lack of validation while these home gateway products install APK plugins, an attacker tricks a user into...

CVE-2018-7933

CVE-2018-7933 affects Huawei HiRouter-CD20 and WS5200 home gateways (pre-1.9.6 releases). The root cause is insufficient validation when installing APK plugins, allowing a malicious APK to be tricked onto the device and overwrite arbitrary files. This can lead to arbitrary code execution or privi...

Huawei HiRouter-CD20 and WS5200 Path Traversal Vulnerability

Huawei HiRouter-CD20 and WS5200 are both home router products released by Huawei China. A path traversal vulnerability exists in the Huawei HiRouter-CD20 HiRouter-CD20-10 prior to version 1.9.6 and the WS5200 WS5200-10 prior to version 1.9.6, which stems from insufficient checksums when the progr...