PT-2019-4440 · Huawei · Huawei Ap4050Dn-E+2

Published

2019-03-27

Updated

2019-06-05

CVE-2019-5298

CVSS v3.1

6.8

Medium

Vector

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Huawei AP2000 versions prior to V200R009C00SPC800 Huawei AP4000 versions prior to V200R009C00SPC800 Huawei AP4050DN-E versions prior to V200R009C00SPC800

Description The issue is related to improper authentication in the firmware of certain Huawei access point products. This could allow an attacker to execute arbitrary commands by exploiting the vulnerability through the serial port.

Recommendations For Huawei AP2000 versions prior to V200R009C00SPC800, update to version V200R009C00SPC800 or later. For Huawei AP4000 versions prior to V200R009C00SPC800, update to version V200R009C00SPC800 or later. For Huawei AP4050DN-E versions prior to V200R009C00SPC800, update to version V200R009C00SPC800 or later.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

BDU:2020-00198

CVE-2019-5298

Affected Products

Huawei Ap2000

Huawei Ap4000

Huawei Ap4050Dn-E

PT-2019-4440 · Huawei · Huawei Ap4050Dn-E+2

CVE-2019-5298

Weakness Enumeration

Related Identifiers

Affected Products

References · 4