Vulnerabilites related to huawei - ws5280-11
Vulnerability from fkie_nvd
Published
2019-11-29 21:15
Modified
2024-11-21 04:44
Severity ?
Summary
Some Huawei home routers have an input validation vulnerability. Due to input parameter is not correctly verified, an attacker can exploit this vulnerability by sending special constructed packets to obtain files in the device and upload files to some directories.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cd10-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1D1F115-4B8D-498E-A1C0-FB2A99D86314", versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cd10-10:-:*:*:*:*:*:*:*", matchCriteriaId: "DB8FC9A3-B7E5-4AC8-8335-1FE9F434A75B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cd16-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "693353FE-21A4-4A20-B84B-88CD5A94E7C9", versionEndExcluding: "10.0.2.5", versionStartIncluding: "10.0.2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cd16-10:-:*:*:*:*:*:*:*", matchCriteriaId: "5E4BF946-F846-4B59-A8BD-71D3C32FA9DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cd17-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F39EBBE2-02F4-49C9-A37E-1A8055A7A29E", versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.3.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cd17-10:-:*:*:*:*:*:*:*", matchCriteriaId: "86840A12-552E-4673-9459-9C888D311227", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cd18-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AB3D1A03-BF26-49EF-818F-E2605BCE7CA9", versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.2.23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cd18-10:-:*:*:*:*:*:*:*", matchCriteriaId: "C3B85A0E-7A60-464B-BDA0-F62CBB91D469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hirouter-cd15-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D0EB8D0D-664A-4328-A340-B800D4C4F82F", versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hirouter-cd15-10:-:*:*:*:*:*:*:*", matchCriteriaId: "F50D5403-BDD7-4733-8EB2-AF960998EC29", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hirouter-cd20-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6D65D593-3B3C-454F-B03D-EA098A66A8D7", versionEndExcluding: "10.0.2.6", versionStartIncluding: "9.0.3.9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hirouter-cd20-10:-:*:*:*:*:*:*:*", matchCriteriaId: "9F964D58-E5DC-459F-8BAE-DC64611C0B1F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hirouter-cd21-16_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1AE1D8B1-E2E7-430E-892E-8B0CF866E324", versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.3.9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hirouter-cd21-16:-:*:*:*:*:*:*:*", matchCriteriaId: "24346A08-F63F-4C1C-9C56-C38CFE951319", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hirouter-cd30-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E14134F5-65F9-4AA6-B0B0-D0BB29DD236A", versionEndExcluding: "10.0.2.9", versionStartIncluding: "10.0.2.8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hirouter-cd30-10:-:*:*:*:*:*:*:*", matchCriteriaId: "593BD59F-41AA-4AEB-8F13-43484BE26E1A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hirouter-cd30-11_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "749DBE68-7829-4C8C-8E77-A318A6C069E9", versionEndExcluding: "10.0.2.9", versionStartIncluding: "10.0.2.8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hirouter-cd30-11:-:*:*:*:*:*:*:*", matchCriteriaId: "2A60FDB8-D441-4758-8039-EC72D82129F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hirouter-h1-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C23F869F-205E-4A16-8F39-D2ADE2FC0110", versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.3.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hirouter-h1-10:-:*:*:*:*:*:*:*", matchCriteriaId: "EFF176F6-C4F5-42C4-8062-944BE659B676", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:tc5200-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7964BB3B-2879-42EB-BFC9-88DA80810424", versionEndExcluding: "10.0.2.5", versionStartIncluding: "10.0.2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:tc5200-10:-:*:*:*:*:*:*:*", matchCriteriaId: "677940C5-A53E-400C-A1B1-3AD9E7A5D8A4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws5100-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8A5784B9-75DB-4B3C-A39C-BA5981FE59E8", versionEndExcluding: "10.0.2.7", versionStartIncluding: "9.0.3.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws5100-10:-:*:*:*:*:*:*:*", matchCriteriaId: "9047E74D-FCB4-4AC9-AFD4-4671EA894C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws5102-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB327892-DEFF-46E6-8455-BC46BA9A3618", versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws5102-10:-:*:*:*:*:*:*:*", matchCriteriaId: "1D7CF494-9BFA-4285-B605-F71038D43F3B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws5106-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "680447F5-F22A-4CB7-82B2-592F2ABDF1BB", versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws5106-10:-:*:*:*:*:*:*:*", matchCriteriaId: "DB016862-3469-4CD9-BAE5-5E402FEB6F67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws5108-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2A92FF02-EDC8-4CA7-B73A-F2EDF16F19FC", versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws5108-10:-:*:*:*:*:*:*:*", matchCriteriaId: "FEEABBD3-61FF-4153-8A74-6EDAAF8139FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws5200-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1D2C5040-4164-4AD5-990C-D0BDBB603CDB", versionEndExcluding: "10.0.2.6", versionStartIncluding: "9.0.3.9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws5200-10:-:*:*:*:*:*:*:*", matchCriteriaId: "5ABF0A04-286D-41DE-BA82-849C05C8AF28", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws5200-11_firmware:9.0.3.11:*:*:*:*:*:*:*", matchCriteriaId: "FFD3E480-43D6-4C4C-B87A-D30A4B22A57B", vulnerable: true, }, { criteria: "cpe:2.3:o:huawei:ws5200-11_firmware:10.0.2.3:*:*:*:*:*:*:*", matchCriteriaId: "D35B3544-C774-40CD-A1F0-809DE8CAE106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws5200-11:-:*:*:*:*:*:*:*", matchCriteriaId: "C907A885-BA32-4819-B53C-0FBFE38C2510", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws5280-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B7EAA3A7-B89D-4590-9052-B54725494E71", versionEndExcluding: "10.0.2.6", versionStartIncluding: "9.0.3.22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws5280-10:-:*:*:*:*:*:*:*", matchCriteriaId: "2EBF21E5-8CF6-48DA-80ED-58AE59CDA069", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws5280-11_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF2E5FB0-A4E7-49D1-A599-10FB1546EC70", versionEndExcluding: "10.0.2.6", versionStartIncluding: "9.0.3.22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws5280-11:-:*:*:*:*:*:*:*", matchCriteriaId: "36E769E6-D560-4E9F-9AC6-93744DAAF051", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws6500-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8E7A7D72-7B25-44B6-9104-E1C246A87794", versionEndExcluding: "10.0.2.5", versionStartIncluding: "10.0.2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws6500-10:-:*:*:*:*:*:*:*", matchCriteriaId: "8C660061-69B0-43B8-BFD3-E858C6B2B437", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws6500-11_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B459C5EE-1F5A-4E23-89CE-E52E8FBB5926", versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws6500-11:-:*:*:*:*:*:*:*", matchCriteriaId: "FB0E9103-6DDF-4140-8C60-39B667B982D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws826-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DDF101FC-6BD1-48E5-8ADB-B6B9C29F08AE", versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.3.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws826-10:-:*:*:*:*:*:*:*", matchCriteriaId: "F771D83F-8EBA-47E9-9260-C49605EEBCEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Some Huawei home routers have an input validation vulnerability. Due to input parameter is not correctly verified, an attacker can exploit this vulnerability by sending special constructed packets to obtain files in the device and upload files to some directories.", }, { lang: "es", value: "Algunos enrutadores domésticos de Huawei presentan una vulnerabilidad de comprobación de entrada. Debido a que el parámetro de entrada no es verificado correctamente, un atacante puede explotar esta vulnerabilidad mediante el envío de paquetes especiales construidos para obtener archivos en el dispositivo y cargar archivos en algunos directorios.", }, ], id: "CVE-2019-5268", lastModified: "2024-11-21T04:44:38.527", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-29T21:15:11.387", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-11-29 20:15
Modified
2024-11-21 04:44
Severity ?
Summary
Some Huawei home routers have an improper authorization vulnerability. Due to improper authorization of certain programs, an attacker can exploit this vulnerability to execute uploaded malicious files and escalate privilege.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cd10-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1D1F115-4B8D-498E-A1C0-FB2A99D86314", versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cd10-10:-:*:*:*:*:*:*:*", matchCriteriaId: "DB8FC9A3-B7E5-4AC8-8335-1FE9F434A75B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cd16-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "693353FE-21A4-4A20-B84B-88CD5A94E7C9", versionEndExcluding: "10.0.2.5", versionStartIncluding: "10.0.2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cd16-10:-:*:*:*:*:*:*:*", matchCriteriaId: "5E4BF946-F846-4B59-A8BD-71D3C32FA9DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cd17-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F39EBBE2-02F4-49C9-A37E-1A8055A7A29E", versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.3.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cd17-10:-:*:*:*:*:*:*:*", matchCriteriaId: "86840A12-552E-4673-9459-9C888D311227", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cd18-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AB3D1A03-BF26-49EF-818F-E2605BCE7CA9", versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.2.23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cd18-10:-:*:*:*:*:*:*:*", matchCriteriaId: "C3B85A0E-7A60-464B-BDA0-F62CBB91D469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hirouter-cd15-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D0EB8D0D-664A-4328-A340-B800D4C4F82F", versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hirouter-cd15-10:-:*:*:*:*:*:*:*", matchCriteriaId: "F50D5403-BDD7-4733-8EB2-AF960998EC29", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hirouter-cd20-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6D65D593-3B3C-454F-B03D-EA098A66A8D7", versionEndExcluding: "10.0.2.6", versionStartIncluding: "9.0.3.9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hirouter-cd20-10:-:*:*:*:*:*:*:*", matchCriteriaId: "9F964D58-E5DC-459F-8BAE-DC64611C0B1F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hirouter-cd21-16_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1AE1D8B1-E2E7-430E-892E-8B0CF866E324", versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.3.9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hirouter-cd21-16:-:*:*:*:*:*:*:*", matchCriteriaId: "24346A08-F63F-4C1C-9C56-C38CFE951319", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hirouter-cd30-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E14134F5-65F9-4AA6-B0B0-D0BB29DD236A", versionEndExcluding: "10.0.2.9", versionStartIncluding: "10.0.2.8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hirouter-cd30-10:-:*:*:*:*:*:*:*", matchCriteriaId: "593BD59F-41AA-4AEB-8F13-43484BE26E1A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hirouter-cd30-11_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "749DBE68-7829-4C8C-8E77-A318A6C069E9", versionEndExcluding: "10.0.2.9", versionStartIncluding: "10.0.2.8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hirouter-cd30-11:-:*:*:*:*:*:*:*", matchCriteriaId: "2A60FDB8-D441-4758-8039-EC72D82129F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hirouter-h1-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C23F869F-205E-4A16-8F39-D2ADE2FC0110", versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.3.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hirouter-h1-10:-:*:*:*:*:*:*:*", matchCriteriaId: "EFF176F6-C4F5-42C4-8062-944BE659B676", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:tc5200-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7964BB3B-2879-42EB-BFC9-88DA80810424", versionEndExcluding: "10.0.2.5", versionStartIncluding: "10.0.2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:tc5200-10:-:*:*:*:*:*:*:*", matchCriteriaId: "677940C5-A53E-400C-A1B1-3AD9E7A5D8A4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws5100-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8A5784B9-75DB-4B3C-A39C-BA5981FE59E8", versionEndExcluding: "10.0.2.7", versionStartIncluding: "9.0.3.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws5100-10:-:*:*:*:*:*:*:*", matchCriteriaId: "9047E74D-FCB4-4AC9-AFD4-4671EA894C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws5102-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB327892-DEFF-46E6-8455-BC46BA9A3618", versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws5102-10:-:*:*:*:*:*:*:*", matchCriteriaId: "1D7CF494-9BFA-4285-B605-F71038D43F3B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws5106-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "680447F5-F22A-4CB7-82B2-592F2ABDF1BB", versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws5106-10:-:*:*:*:*:*:*:*", matchCriteriaId: "DB016862-3469-4CD9-BAE5-5E402FEB6F67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws5108-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2A92FF02-EDC8-4CA7-B73A-F2EDF16F19FC", versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws5108-10:-:*:*:*:*:*:*:*", matchCriteriaId: "FEEABBD3-61FF-4153-8A74-6EDAAF8139FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws5200-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1D2C5040-4164-4AD5-990C-D0BDBB603CDB", versionEndExcluding: "10.0.2.6", versionStartIncluding: "9.0.3.9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws5200-10:-:*:*:*:*:*:*:*", matchCriteriaId: "5ABF0A04-286D-41DE-BA82-849C05C8AF28", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws5200-11_firmware:9.0.3.11:*:*:*:*:*:*:*", matchCriteriaId: "FFD3E480-43D6-4C4C-B87A-D30A4B22A57B", vulnerable: true, }, { criteria: "cpe:2.3:o:huawei:ws5200-11_firmware:10.0.2.3:*:*:*:*:*:*:*", matchCriteriaId: "D35B3544-C774-40CD-A1F0-809DE8CAE106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws5200-11:-:*:*:*:*:*:*:*", matchCriteriaId: "C907A885-BA32-4819-B53C-0FBFE38C2510", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws5280-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B7EAA3A7-B89D-4590-9052-B54725494E71", versionEndExcluding: "10.0.2.6", versionStartIncluding: "9.0.3.22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws5280-10:-:*:*:*:*:*:*:*", matchCriteriaId: "2EBF21E5-8CF6-48DA-80ED-58AE59CDA069", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws5280-11_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF2E5FB0-A4E7-49D1-A599-10FB1546EC70", versionEndExcluding: "10.0.2.6", versionStartIncluding: "9.0.3.22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws5280-11:-:*:*:*:*:*:*:*", matchCriteriaId: "36E769E6-D560-4E9F-9AC6-93744DAAF051", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws6500-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8E7A7D72-7B25-44B6-9104-E1C246A87794", versionEndExcluding: "10.0.2.5", versionStartIncluding: "10.0.2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws6500-10:-:*:*:*:*:*:*:*", matchCriteriaId: "8C660061-69B0-43B8-BFD3-E858C6B2B437", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws6500-11_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B459C5EE-1F5A-4E23-89CE-E52E8FBB5926", versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws6500-11:-:*:*:*:*:*:*:*", matchCriteriaId: "FB0E9103-6DDF-4140-8C60-39B667B982D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ws826-10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DDF101FC-6BD1-48E5-8ADB-B6B9C29F08AE", versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.3.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ws826-10:-:*:*:*:*:*:*:*", matchCriteriaId: "F771D83F-8EBA-47E9-9260-C49605EEBCEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Some Huawei home routers have an improper authorization vulnerability. Due to improper authorization of certain programs, an attacker can exploit this vulnerability to execute uploaded malicious files and escalate privilege.", }, { lang: "es", value: "Algunos enrutadores domésticos de Huawei, presentan una vulnerabilidad de autorización inapropiada. Debido a la autorización inapropiada de determinados programas, un atacante puede explotar esta vulnerabilidad para ejecutar archivos maliciosos cargados y escalar privilegios.", }, ], id: "CVE-2019-5269", lastModified: "2024-11-21T04:44:38.663", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-29T20:15:12.083", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
var-201911-0260
Vulnerability from variot
Some Huawei home routers have an improper authorization vulnerability. Due to improper authorization of certain programs, an attacker can exploit this vulnerability to execute uploaded malicious files and escalate privilege. plural Huawei home The router contains an incorrect authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Huawei HiRouter-CD15-10 is a wireless router from China's Huawei
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201911-0260", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "ws5200-11", scope: "eq", trust: 1.6, vendor: "huawei", version: "10.0.2.3", }, { model: "ws5200-11", scope: "eq", trust: 1.6, vendor: "huawei", version: "9.0.3.11", }, { model: "ws5106-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.7", }, { model: "hirouter-cd20-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.9", }, { model: "ws5200-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.6", }, { model: "cd10-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.7", }, { model: "cd18-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "cd17-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.3", }, { model: "ws6500-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "ws5108-10", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.2", }, { model: "cd18-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.2.23", }, { model: "hirouter-cd30-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.9", }, { model: "cd17-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "hirouter-cd30-11", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.8", }, { model: "ws5102-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.7", }, { model: "ws5200-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.9", }, { model: "ws5100-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.11", }, { model: "hirouter-cd15-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.2.3", }, { model: "ws5280-11", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.22", }, { model: "hirouter-h1-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.11", }, { model: "ws5280-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.22", }, { model: "ws5108-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.7", }, { model: "cd16-10", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.3", }, { model: "tc5200-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "hirouter-cd15-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "hirouter-h1-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "hirouter-cd30-10", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.8", }, { model: "hirouter-cd21-16", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.9", }, { model: "hirouter-cd20-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.6", }, { model: "cd10-10", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.2", }, { model: "ws6500-11", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.2", }, { model: "ws5106-10", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.2", }, { model: "ws6500-10", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.3", }, { model: "ws5280-11", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.6", }, { model: "ws5280-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.6", }, { model: "ws826-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.11", }, { model: "ws826-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "tc5200-10", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.3", }, { model: "ws5100-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.7", }, { model: "cd16-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "hirouter-cd21-16", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "hirouter-cd30-11", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.9", }, { model: "ws5102-10", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.2", }, { model: "ws6500-11", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.7", }, { model: "cd10-10", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "cd16-10", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "cd17-10", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "cd18-10", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "hirouter-cd15-10", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "hirouter-cd20-10", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "hirouter-cd21-16", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "hirouter-cd30-10", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "hirouter-cd30-11", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "hirouter-h1-10", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "cd10-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "10.0.2.2", }, { model: "cd16-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "10.0.2.3", }, { model: "cd17-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.3.3", }, { model: "cd18-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.2.23", }, { model: "hirouter-cd15-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.2.3", }, { model: "hirouter-cd20-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.3.9", }, { model: "hirouter-cd21-16", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.3.9", }, { model: "hirouter-cd30-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "10.0.2.8", }, { model: "hirouter-cd30-11", scope: "eq", trust: 0.6, vendor: "huawei", version: "10.0.2.8", }, { model: "hirouter-h1-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.3.11", }, { model: "tc5200-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "10.0.2.3", }, { model: "ws5100-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.3.11", }, { model: "ws5102-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "10.0.2.2", }, { model: "ws5106-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "10.0.2.2", }, { model: "ws5108-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "10.0.2.2", }, { model: "ws5200-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.3.9", }, { model: "ws5280-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.3.22", }, { model: "ws5280-11", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.3.22", }, { model: "ws6500-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "10.0.2.3", }, { model: "ws6500-11", scope: "eq", trust: 0.6, vendor: "huawei", version: "10.0.2.2", }, { model: "ws826-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.3.11", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-42426", }, { db: "JVNDB", id: "JVNDB-2019-012619", }, { db: "NVD", id: "CVE-2019-5269", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:cd10-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:cd10-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:cd16-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "10.0.2.3", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:cd16-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:cd17-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.3.3", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:cd17-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:cd18-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.2.23", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:cd18-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:hirouter-cd15-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.2.3", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:hirouter-cd15-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:hirouter-cd20-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.6", versionStartIncluding: "9.0.3.9", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:hirouter-cd20-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:hirouter-cd21-16_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.3.9", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:hirouter-cd21-16:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:hirouter-cd30-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.9", versionStartIncluding: "10.0.2.8", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:hirouter-cd30-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:hirouter-cd30-11_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.9", versionStartIncluding: "10.0.2.8", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:hirouter-cd30-11:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:hirouter-h1-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.3.11", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:hirouter-h1-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:tc5200-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "10.0.2.3", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:tc5200-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws5100-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.7", versionStartIncluding: "9.0.3.11", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws5100-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws5102-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws5102-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws5106-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws5106-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws5108-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws5108-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws5200-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.6", versionStartIncluding: "9.0.3.9", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws5200-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws5200-11_firmware:9.0.3.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:huawei:ws5200-11_firmware:10.0.2.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws5200-11:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws5280-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.6", versionStartIncluding: "9.0.3.22", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws5280-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws5280-11_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.6", versionStartIncluding: "9.0.3.22", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws5280-11:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws6500-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "10.0.2.3", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws6500-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws6500-11_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws6500-11:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws826-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.3.11", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws826-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-5269", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Changting Technology Security Lab of Beijing Changting Technology Co., Ltd.", sources: [ { db: "CNNVD", id: "CNNVD-201911-773", }, ], trust: 0.6, }, cve: "CVE-2019-5269", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Local", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 4.6, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2019-5269", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CNVD-2019-42426", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "NVD", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.8, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Local", author: "NVD", availabilityImpact: "High", baseScore: 7.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-5269", impactScore: null, integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-5269", trust: 1.8, value: "HIGH", }, { author: "CNVD", id: "CNVD-2019-42426", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201911-773", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2019-42426", }, { db: "JVNDB", id: "JVNDB-2019-012619", }, { db: "NVD", id: "CVE-2019-5269", }, { db: "CNNVD", id: "CNNVD-201911-773", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Some Huawei home routers have an improper authorization vulnerability. Due to improper authorization of certain programs, an attacker can exploit this vulnerability to execute uploaded malicious files and escalate privilege. plural Huawei home The router contains an incorrect authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Huawei HiRouter-CD15-10 is a wireless router from China's Huawei", sources: [ { db: "NVD", id: "CVE-2019-5269", }, { db: "JVNDB", id: "JVNDB-2019-012619", }, { db: "CNVD", id: "CNVD-2019-42426", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-5269", trust: 3, }, { db: "JVNDB", id: "JVNDB-2019-012619", trust: 0.8, }, { db: "CNVD", id: "CNVD-2019-42426", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-201911-773", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2019-42426", }, { db: "JVNDB", id: "JVNDB-2019-012619", }, { db: "NVD", id: "CVE-2019-5269", }, { db: "CNNVD", id: "CNNVD-201911-773", }, ], }, id: "VAR-201911-0260", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2019-42426", }, ], trust: 1.2980519618181816, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2019-42426", }, ], }, last_update_date: "2023-12-18T12:27:55.343000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "huawei-sa-20191113-01-homerouter", trust: 0.8, url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en", }, { title: "Patch for Improper authorization vulnerability for multiple Huawei products", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/192095", }, { title: "Multiple Huawei Product security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=104250", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-42426", }, { db: "JVNDB", id: "JVNDB-2019-012619", }, { db: "CNNVD", id: "CNNVD-201911-773", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-noinfo", trust: 1, }, { problemtype: "CWE-863", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-012619", }, { db: "NVD", id: "CVE-2019-5269", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-5269", }, { trust: 1.2, url: "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191113-01-homerouter-cn", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5269", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-42426", }, { db: "JVNDB", id: "JVNDB-2019-012619", }, { db: "NVD", id: "CVE-2019-5269", }, { db: "CNNVD", id: "CNNVD-201911-773", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2019-42426", }, { db: "JVNDB", id: "JVNDB-2019-012619", }, { db: "NVD", id: "CVE-2019-5269", }, { db: "CNNVD", id: "CNNVD-201911-773", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-11-27T00:00:00", db: "CNVD", id: "CNVD-2019-42426", }, { date: "2019-12-09T00:00:00", db: "JVNDB", id: "JVNDB-2019-012619", }, { date: "2019-11-29T20:15:12.083000", db: "NVD", id: "CVE-2019-5269", }, { date: "2019-11-13T00:00:00", db: "CNNVD", id: "CNNVD-201911-773", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-11-27T00:00:00", db: "CNVD", id: "CNVD-2019-42426", }, { date: "2019-12-09T00:00:00", db: "JVNDB", id: "JVNDB-2019-012619", }, { date: "2020-08-24T17:37:01.140000", db: "NVD", id: "CVE-2019-5269", }, { date: "2020-08-25T00:00:00", db: "CNNVD", id: "CNNVD-201911-773", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-201911-773", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Huawei home Unauthorized authentication vulnerabilities in routers", sources: [ { db: "JVNDB", id: "JVNDB-2019-012619", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-201911-773", }, ], trust: 0.6, }, }
var-201911-0270
Vulnerability from variot
Some Huawei home routers have an input validation vulnerability. Due to input parameter is not correctly verified, an attacker can exploit this vulnerability by sending special constructed packets to obtain files in the device and upload files to some directories. The Huawei HiRouter-CD15-10 is a wireless router from China's Huawei
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201911-0270", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "ws5200-11", scope: "eq", trust: 1.6, vendor: "huawei", version: "10.0.2.3", }, { model: "ws5200-11", scope: "eq", trust: 1.6, vendor: "huawei", version: "9.0.3.11", }, { model: "tc5200-10", scope: "eq", trust: 1.2, vendor: "huawei", version: "10.0.2.3", }, { model: "ws5100-10", scope: "eq", trust: 1.2, vendor: "huawei", version: "9.0.3.11", }, { model: "ws5102-10", scope: "eq", trust: 1.2, vendor: "huawei", version: "10.0.2.2", }, { model: "ws5106-10", scope: "eq", trust: 1.2, vendor: "huawei", version: "10.0.2.2", }, { model: "ws5108-10", scope: "eq", trust: 1.2, vendor: "huawei", version: "10.0.2.2", }, { model: "ws5106-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.7", }, { model: "hirouter-cd20-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.9", }, { model: "ws5200-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.6", }, { model: "cd10-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.7", }, { model: "cd18-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "cd17-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.3", }, { model: "ws6500-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "ws5108-10", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.2", }, { model: "cd18-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.2.23", }, { model: "hirouter-cd30-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.9", }, { model: "cd17-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "hirouter-cd30-11", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.8", }, { model: "ws5102-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.7", }, { model: "ws5200-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.9", }, { model: "ws5100-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.11", }, { model: "hirouter-cd15-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.2.3", }, { model: "ws5280-11", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.22", }, { model: "hirouter-h1-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.11", }, { model: "ws5280-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.22", }, { model: "ws5108-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.7", }, { model: "cd16-10", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.3", }, { model: "tc5200-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "hirouter-cd15-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "hirouter-h1-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "hirouter-cd30-10", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.8", }, { model: "hirouter-cd21-16", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.9", }, { model: "hirouter-cd20-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.6", }, { model: "cd10-10", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.2", }, { model: "ws6500-11", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.2", }, { model: "ws5106-10", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.2", }, { model: "ws6500-10", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.3", }, { model: "ws5280-11", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.6", }, { model: "ws5280-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.6", }, { model: "ws826-10", scope: "gte", trust: 1, vendor: "huawei", version: "9.0.3.11", }, { model: "ws826-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "tc5200-10", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.3", }, { model: "ws5100-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.7", }, { model: "cd16-10", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "hirouter-cd21-16", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.5", }, { model: "hirouter-cd30-11", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.9", }, { model: "ws5102-10", scope: "gte", trust: 1, vendor: "huawei", version: "10.0.2.2", }, { model: "ws6500-11", scope: "lt", trust: 1, vendor: "huawei", version: "10.0.2.7", }, { model: "cd10-10", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "cd16-10", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "cd17-10", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "cd18-10", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "hirouter-cd15-10", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "hirouter-cd20-10", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "hirouter-cd21-16", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "hirouter-cd30-10", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "hirouter-cd30-11", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "hirouter-h1-10", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "cd10-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "10.0.2.2", }, { model: "cd16-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "10.0.2.3", }, { model: "cd17-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.3.3", }, { model: "cd18-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.2.23", }, { model: "hirouter-cd15-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.2.3", }, { model: "hirouter-cd20-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.3.9", }, { model: "hirouter-cd21-16", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.3.9", }, { model: "hirouter-cd30-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "10.0.2.8", }, { model: "hirouter-cd30-11", scope: "eq", trust: 0.6, vendor: "huawei", version: "10.0.2.8", }, { model: "hirouter-h1-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.3.11", }, { model: "ws5200-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.3.9", }, { model: "ws5280-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.3.22", }, { model: "ws5280-11", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.3.22", }, { model: "ws6500-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "10.0.2.3", }, { model: "ws6500-11", scope: "eq", trust: 0.6, vendor: "huawei", version: "10.0.2.2", }, { model: "ws826-10", scope: "eq", trust: 0.6, vendor: "huawei", version: "9.0.3.11", }, { model: "ws5106-10", scope: "eq", trust: 0.6, vendor: "huawei", version: null, }, { model: "hirouter-h1-10", scope: "eq", trust: 0.6, vendor: "huawei", version: null, }, { model: "tc5200-10", scope: "eq", trust: 0.6, vendor: "huawei", version: null, }, { model: "ws5102-10", scope: "eq", trust: 0.6, vendor: "huawei", version: null, }, { model: "ws5100-10", scope: "eq", trust: 0.6, vendor: "huawei", version: null, }, ], sources: [ { db: "CNVD", id: "CNVD-2019-42427", }, { db: "JVNDB", id: "JVNDB-2019-012694", }, { db: "NVD", id: "CVE-2019-5268", }, { db: "CNNVD", id: "CNNVD-201911-775", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:cd10-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:cd10-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:cd16-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "10.0.2.3", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:cd16-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:cd17-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.3.3", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:cd17-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:cd18-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.2.23", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:cd18-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:hirouter-cd15-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.2.3", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:hirouter-cd15-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:hirouter-cd20-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.6", versionStartIncluding: "9.0.3.9", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:hirouter-cd20-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:hirouter-cd21-16_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.3.9", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:hirouter-cd21-16:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:hirouter-cd30-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.9", versionStartIncluding: "10.0.2.8", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:hirouter-cd30-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:hirouter-cd30-11_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.9", versionStartIncluding: "10.0.2.8", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:hirouter-cd30-11:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:hirouter-h1-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.3.11", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:hirouter-h1-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:tc5200-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "10.0.2.3", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:tc5200-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws5100-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.7", versionStartIncluding: "9.0.3.11", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws5100-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws5102-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws5102-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws5106-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws5106-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws5108-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws5108-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws5200-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.6", versionStartIncluding: "9.0.3.9", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws5200-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws5200-11_firmware:9.0.3.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:huawei:ws5200-11_firmware:10.0.2.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws5200-11:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws5280-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.6", versionStartIncluding: "9.0.3.22", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws5280-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws5280-11_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.6", versionStartIncluding: "9.0.3.22", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws5280-11:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws6500-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "10.0.2.3", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws6500-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws6500-11_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.7", versionStartIncluding: "10.0.2.2", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws6500-11:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:ws826-10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.0.2.5", versionStartIncluding: "9.0.3.11", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:ws826-10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-5268", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Changting Technology Security Lab of Beijing Changting Technology Co., Ltd.", sources: [ { db: "CNNVD", id: "CNNVD-201911-775", }, ], trust: 0.6, }, cve: "CVE-2019-5268", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 4.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 6.5, impactScore: 4.9, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Adjacent Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 4.8, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2019-5268", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 6.5, id: "CNVD-2019-42427", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", author: "NVD", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, impactScore: 5.2, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Adjacent Network", author: "NVD", availabilityImpact: "None", baseScore: 8.1, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-5268", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-5268", trust: 1.8, value: "HIGH", }, { author: "CNVD", id: "CNVD-2019-42427", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201911-775", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2019-42427", }, { db: "JVNDB", id: "JVNDB-2019-012694", }, { db: "NVD", id: "CVE-2019-5268", }, { db: "CNNVD", id: "CNNVD-201911-775", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Some Huawei home routers have an input validation vulnerability. Due to input parameter is not correctly verified, an attacker can exploit this vulnerability by sending special constructed packets to obtain files in the device and upload files to some directories. The Huawei HiRouter-CD15-10 is a wireless router from China's Huawei", sources: [ { db: "NVD", id: "CVE-2019-5268", }, { db: "JVNDB", id: "JVNDB-2019-012694", }, { db: "CNVD", id: "CNVD-2019-42427", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-5268", trust: 3, }, { db: "JVNDB", id: "JVNDB-2019-012694", trust: 0.8, }, { db: "CNVD", id: "CNVD-2019-42427", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-201911-775", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2019-42427", }, { db: "JVNDB", id: "JVNDB-2019-012694", }, { db: "NVD", id: "CVE-2019-5268", }, { db: "CNNVD", id: "CNNVD-201911-775", }, ], }, id: "VAR-201911-0270", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2019-42427", }, ], trust: 1.2980519618181816, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2019-42427", }, ], }, last_update_date: "2023-12-18T13:38:05.604000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "huawei-sa-20191113-01-homerouter", trust: 0.8, url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en", }, { title: "Patch for Multiple Huawei Product Input Validation Error Vulnerabilities", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/192103", }, { title: "Multiple Huawei Product input verification error vulnerability fixes", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=104477", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-42427", }, { db: "JVNDB", id: "JVNDB-2019-012694", }, { db: "CNNVD", id: "CNNVD-201911-775", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-012694", }, { db: "NVD", id: "CVE-2019-5268", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-5268", }, { trust: 1.2, url: "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191113-01-homerouter-cn", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5268", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-42427", }, { db: "JVNDB", id: "JVNDB-2019-012694", }, { db: "NVD", id: "CVE-2019-5268", }, { db: "CNNVD", id: "CNNVD-201911-775", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2019-42427", }, { db: "JVNDB", id: "JVNDB-2019-012694", }, { db: "NVD", id: "CVE-2019-5268", }, { db: "CNNVD", id: "CNNVD-201911-775", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-11-27T00:00:00", db: "CNVD", id: "CNVD-2019-42427", }, { date: "2019-12-11T00:00:00", db: "JVNDB", id: "JVNDB-2019-012694", }, { date: "2019-11-29T21:15:11.387000", db: "NVD", id: "CVE-2019-5268", }, { date: "2019-11-13T00:00:00", db: "CNNVD", id: "CNNVD-201911-775", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-11-27T00:00:00", db: "CNVD", id: "CNVD-2019-42427", }, { date: "2019-12-11T00:00:00", db: "JVNDB", id: "JVNDB-2019-012694", }, { date: "2019-12-09T19:34:08.653000", db: "NVD", id: "CVE-2019-5268", }, { date: "2020-01-09T00:00:00", db: "CNNVD", id: "CNNVD-201911-775", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote or local", sources: [ { db: "CNNVD", id: "CNNVD-201911-775", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Huawei Vulnerability in input validation in home router products", sources: [ { db: "JVNDB", id: "JVNDB-2019-012694", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "input validation error", sources: [ { db: "CNNVD", id: "CNNVD-201911-775", }, ], trust: 0.6, }, }
cve-2019-5268
Vulnerability from cvelistv5
Published
2019-11-29 20:01
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
Some Huawei home routers have an input validation vulnerability. Due to input parameter is not correctly verified, an attacker can exploit this vulnerability by sending special constructed packets to obtain files in the device and upload files to some directories.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | CD10-10, CD16-10, CD17-10, CD18-10, HiRouter-CD15-10, HiRouter-CD20-10, HiRouter-CD21-16, HiRouter-CD30-10, HiRouter-CD30-11, HiRouter-H1-10, TC5200-10, WS5100-10, WS5102-10, WS5106-10, WS5108-10, WS5200-10, WS5200-11, , WS5280-10, WS5280-11, WS6500-10, WS6500-11, WS826-10 |
Version: 10.0.2.2, 10.0.2.3, 9.0.3.3, 9.0.2.23, 9.0.2.3, 9.0.3.9, 10.0.2.8, 9.0.3.11, 9.0.3.22 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:47:56.841Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "CD10-10, CD16-10, CD17-10, CD18-10, HiRouter-CD15-10, HiRouter-CD20-10, HiRouter-CD21-16, HiRouter-CD30-10, HiRouter-CD30-11, HiRouter-H1-10, TC5200-10, WS5100-10, WS5102-10, WS5106-10, WS5108-10, WS5200-10, WS5200-11, , WS5280-10, WS5280-11, WS6500-10, WS6500-11, WS826-10", vendor: "n/a", versions: [ { status: "affected", version: "10.0.2.2, 10.0.2.3, 9.0.3.3, 9.0.2.23, 9.0.2.3, 9.0.3.9, 10.0.2.8, 9.0.3.11, 9.0.3.22", }, ], }, ], descriptions: [ { lang: "en", value: "Some Huawei home routers have an input validation vulnerability. Due to input parameter is not correctly verified, an attacker can exploit this vulnerability by sending special constructed packets to obtain files in the device and upload files to some directories.", }, ], problemTypes: [ { descriptions: [ { description: "input validation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-29T20:01:51", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2019-5268", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "CD10-10, CD16-10, CD17-10, CD18-10, HiRouter-CD15-10, HiRouter-CD20-10, HiRouter-CD21-16, HiRouter-CD30-10, HiRouter-CD30-11, HiRouter-H1-10, TC5200-10, WS5100-10, WS5102-10, WS5106-10, WS5108-10, WS5200-10, WS5200-11, , WS5280-10, WS5280-11, WS6500-10, WS6500-11, WS826-10", version: { version_data: [ { version_value: "10.0.2.2, 10.0.2.3, 9.0.3.3, 9.0.2.23, 9.0.2.3, 9.0.3.9, 10.0.2.8, 9.0.3.11, 9.0.3.22", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Some Huawei home routers have an input validation vulnerability. Due to input parameter is not correctly verified, an attacker can exploit this vulnerability by sending special constructed packets to obtain files in the device and upload files to some directories.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "input validation", }, ], }, ], }, references: { reference_data: [ { name: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en", refsource: "CONFIRM", url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2019-5268", datePublished: "2019-11-29T20:01:51", dateReserved: "2019-01-04T00:00:00", dateUpdated: "2024-08-04T19:47:56.841Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5269
Vulnerability from cvelistv5
Published
2019-11-29 19:57
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
Some Huawei home routers have an improper authorization vulnerability. Due to improper authorization of certain programs, an attacker can exploit this vulnerability to execute uploaded malicious files and escalate privilege.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | CD10-10, CD16-10, CD17-10, CD18-10, HiRouter-CD15-10, HiRouter-CD20-10, HiRouter-CD21-16, HiRouter-CD30-10, HiRouter-CD30-11, HiRouter-H1-10, TC5200-10, WS5100-10, WS5102-10, WS5106-10, WS5108-10, WS5200-10, WS5200-11, , WS5280-10, WS5280-11, WS6500-10, WS6500-11, WS826-10 |
Version: 10.0.2.2, 10.0.2.3, 9.0.3.3, 9.0.2.23, 9.0.2.3, 9.0.3.9, 10.0.2.8, 9.0.3.11, 9.0.3.22 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:47:57.024Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "CD10-10, CD16-10, CD17-10, CD18-10, HiRouter-CD15-10, HiRouter-CD20-10, HiRouter-CD21-16, HiRouter-CD30-10, HiRouter-CD30-11, HiRouter-H1-10, TC5200-10, WS5100-10, WS5102-10, WS5106-10, WS5108-10, WS5200-10, WS5200-11, , WS5280-10, WS5280-11, WS6500-10, WS6500-11, WS826-10", vendor: "n/a", versions: [ { status: "affected", version: "10.0.2.2, 10.0.2.3, 9.0.3.3, 9.0.2.23, 9.0.2.3, 9.0.3.9, 10.0.2.8, 9.0.3.11, 9.0.3.22", }, ], }, ], descriptions: [ { lang: "en", value: "Some Huawei home routers have an improper authorization vulnerability. Due to improper authorization of certain programs, an attacker can exploit this vulnerability to execute uploaded malicious files and escalate privilege.", }, ], problemTypes: [ { descriptions: [ { description: "improper authorization", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-29T19:57:58", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2019-5269", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "CD10-10, CD16-10, CD17-10, CD18-10, HiRouter-CD15-10, HiRouter-CD20-10, HiRouter-CD21-16, HiRouter-CD30-10, HiRouter-CD30-11, HiRouter-H1-10, TC5200-10, WS5100-10, WS5102-10, WS5106-10, WS5108-10, WS5200-10, WS5200-11, , WS5280-10, WS5280-11, WS6500-10, WS6500-11, WS826-10", version: { version_data: [ { version_value: "10.0.2.2, 10.0.2.3, 9.0.3.3, 9.0.2.23, 9.0.2.3, 9.0.3.9, 10.0.2.8, 9.0.3.11, 9.0.3.22", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Some Huawei home routers have an improper authorization vulnerability. Due to improper authorization of certain programs, an attacker can exploit this vulnerability to execute uploaded malicious files and escalate privilege.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "improper authorization", }, ], }, ], }, references: { reference_data: [ { name: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en", refsource: "CONFIRM", url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2019-5269", datePublished: "2019-11-29T19:57:58", dateReserved: "2019-01-04T00:00:00", dateUpdated: "2024-08-04T19:47:57.024Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }