Cross-site Scripting Vulnerability in Huawei E355 Modem
CVE-2014-2968

Currently unrated

Key Information:

Vendor: Huawei
Status: E355 Web Ui; E355 Firmware; E355
Vendor: CVE Published:; 24 July 2014

What is CVE-2014-2968?

A cross-site scripting vulnerability exists in the web interface of the Huawei E355 CH1E355SM modem. This flaw enables remote attackers to inject arbitrary web scripts or HTML through specially crafted SMS messages, potentially leading to unauthorized actions performed on behalf of users accessing the affected device through web sessions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.kb.cert.org/vuls/id/688812

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability published
Jul 24, 2014
Vulnerability Reserved
Apr 21, 2014

JSON

Huawei

What is CVE-2014-2968?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.