Www.Huawei.Com · Hg630 V2 Router · CVE-2020-37220
**Name of the Vulnerable Software and Affected Versions**
Huawei HG630 V2 (affected versions not specified)
**Description**
An authentication bypass allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Attackers can query the '/api/system/deviceinfo' endpoint to extract the `SerialNumber` field and use the last 8 characters as the default password to log in to the router.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.