CVE-2014-2968

Currently unrated

Key Information:

Vendor: Huawei
Status: E355 Web Ui; E355 Firmware; E355
Vendor: CVE Published:; 24 July 2014

Summary

Cross-site scripting (XSS) vulnerability in the web interface on the Huawei E355 CH1E355SM modem with software 21.157.37.01.910 and Web UI 11.001.08.00.03 allows remote attackers to inject arbitrary web script or HTML via an SMS message.

References

http://www.kb.cert.org/vuls/id/688812

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability published
Jul 24, 2014
Vulnerability Reserved
Apr 21, 2014