Cross-Site Request Forgery Vulnerability in Huawei E303 Modems
CVE-2014-2946

Currently unrated

Key Information:

Vendor

Huawei
Status
Webui
E303 Modem Firmware
E303 Modem
Vendor
CVE Published:
2 June 2014

What is CVE-2014-2946?

The vulnerability allows remote attackers to manipulate API operations through the Web UI of Huawei E303 modems. By exploiting this CSRF flaw, adversaries can hijack administrative authentication, enabling them to make unauthorized requests and send SMS messages without permission.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.kb.cert.org/vuls/id/325636
third-party-advisoryx_refsource_CERT-VN
http://b.fl7.de/2014/05/huawei-e303-sms-vulnerability-CVE...
x_refsource_MISC
http://secunia.com/advisories/58992
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.