Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

E585U-82 Security Vulnerabilities - February

cve
cve

CVE-2012-5968

The Huawei E585 device does not validate the status of admin sessions, which allows remote attackers to obtain sensitive user information and the session ID, and modify data, by leveraging access to the LAN network.

6.5AI Score

0.002EPSS

2012-12-19 11:55 AM
28
cve
cve

CVE-2012-5969

Multiple directory traversal vulnerabilities on the Huawei E585 device allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the PATH_INFO of an sdcard/ request or (2) modify arbitrary files via a .. (dot dot) in the req_page parameter to en/sms.cgi.

7AI Score

0.002EPSS

2012-12-19 11:55 AM
30
cve
cve

CVE-2012-5970

The Huawei E585 device allows remote attackers to cause a denial of service (NULL pointer dereference and device outage) via crafted HTTP requests, as demonstrated by unspecified vulnerability-scanning software.

6.9AI Score

0.002EPSS

2012-12-19 11:55 AM
22