Cross-Site Request Forgery Vulnerabilities in Huawei WS331a Routers
CVE-2016-6158

6.1MEDIUM

Key Information:

Vendor
Huawei
Vendor
CVE Published:
21 September 2016

Summary

The Huawei WS331a routers, prior to software version WS331a-10 V100R001C01B112, are susceptible to multiple cross-site request forgery vulnerabilities. These vulnerabilities enable remote attackers to exploit the authentication mechanism of the router's administrative interface. Successful exploitation allows attackers to issue requests that can restore factory settings or reboot the device, potentially impacting network integrity and availability.

References

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.