Authentication Bypass Vulnerability in Huawei WS331a Routers
CVE-2016-6159

7.5HIGH

Key Information:

Vendor: Huawei
Status: Ws331a Router Firmware
Vendor: CVE Published:; 21 September 2016

Summary

The Huawei WS331a routers have a vulnerability in their management interface that allows remote attackers to bypass authentication and gain unauthorized administrative access by sending specially crafted packets to the LAN interface. This security flaw potentially exposes sensitive network configurations and control by enabling attackers to exploit the router without valid credentials.

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 21, 2016
Vulnerability Reserved
Jul 4, 2016