EUVD-2016-7092

Malware in sbrugna...

CVE-2016-6159

The management interface of Huawei WS331a routers with software before WS331a-10 V100R001C01B112 allows remote attackers to bypass authentication and obtain administrative access by sending "special packages" to the LAN interface...

CVE-2016-6159

The management interface of Huawei WS331a routers with software before WS331a-10 V100R001C01B112 allows remote attackers to bypass authentication and obtain administrative access by sending "special packages" to the LAN interface...

CVE-2016-6158

Multiple cross-site request forgery CSRF vulnerabilities in Huawei WS331a routers with software before WS331a-10 V100R001C01B112 allow remote attackers to hijack the authentication of administrators for requests that 1 restore factory settings or 2 reboot the device via unspecified vectors...

CVE-2016-6158

Multiple cross-site request forgery CSRF vulnerabilities in Huawei WS331a routers with software before WS331a-10 V100R001C01B112 allow remote attackers to hijack the authentication of administrators for requests that 1 restore factory settings or 2 reboot the device via unspecified vectors...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Huawei WS331a routers with software before WS331a-10 V100R001C01B112 allow remote attackers to hijack the authentication of administrators for requests that 1 restore factory settings or 2 reboot the device via unspecified vectors...

Authentication flaw

The management interface of Huawei WS331a routers with software before WS331a-10 V100R001C01B112 allows remote attackers to bypass authentication and obtain administrative access by sending "special packages" to the LAN interface...

CVE-2016-6159

The management interface of Huawei WS331a routers with software before WS331a-10 V100R001C01B112 allows remote attackers to bypass authentication and obtain administrative access by sending "special packages" to the LAN interface...

CVE-2016-6159

CVE-2016-6159 affects Huawei WS331a routers; prior to WS331a-10 V100R001C01B112, the management interface could be bypassed via sending specially crafted packages to the LAN interface, allowing remote attackers to gain administrative access. The issue is tied to improper handling during authentic...

CVE-2016-6158

CVE-2016-6158 concerns Huawei WS331a routers running software before WS331a-10 V100R001C01B112. The vulnerability is a Cross-Site Request Forgery (CSRF) in the management interface that lets an unauthenticated attacker cause actions like restoring factory settings or rebooting the device by issui...

Huawei WS331a Cross-Site Request Forgery Vulnerability

The Huawei WS331a is a mini wireless router from the Chinese company Huawei. The Huawei WS331a suffers from a cross-site request forgery vulnerability that allows a remote attacker to construct a malicious URI, trick the user into parsing it, and can perform malicious actions in the context of th...

Huawei WS331a Certificate Management Vulnerability

The Huawei WS331a is a mini wireless router from Huawei China. A certificate management vulnerability exists in Huawei WS331a WS331a-10 V100R001C02B017SP01 and earlier versions. Due to the program failing to properly handle password validation. An attacker could exploit this vulnerability by...

Security Advisory - Two Vulnerabilities in Huawei WS331a

Huawei WS331a is a Mini Wireless route. There is a Cross-site request forgery CSRF vulnerability in the management interface of WS331a products, an unauthenticated attacker could exploit this vulnerability to perform a CSRF attack. Successful exploit could allow the attacker to submit special...