Session Hijacking Vulnerability in Huawei AR Routers and S Series Switches

CVE-2012-6571

What is CVE-2012-6571?

The HTTP module within the Branch Intelligent Management System (BIMS) and the web management components of various Huawei AR routers and S series switches suffers from a session hijacking vulnerability. This issue arises from the use of predictable Session ID values that are susceptible to brute-force attacks, allowing remote attackers to forcibly seize control of an active session. As a result, unauthorized users may gain access to sensitive information or perform actions on behalf of another user, compromising the security of the affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References