PT-2020-20537 · Huawei · Huawei 5G Mobile Wifi E6878-370

Published

2020-08-17

Updated

2021-07-21

CVE-2020-9241

CVSS v3.1

7.0

High

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions Huawei 5G Mobile WiFi E6878-370 versions 10.0.3.1(H563SP1C00), 10.0.3.1(H563SP21C233)

Description The issue is related to improper authorization, where the device does not restrict certain data received from the WAN port. This could allow an attacker on the WAN side to manage certain services of the device.

Recommendations For version 10.0.3.1(H563SP1C00), restrict access to the WAN port until a patch is available. For version 10.0.3.1(H563SP21C233), restrict access to the WAN port until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-9241

Affected Products

Huawei 5G Mobile Wifi E6878-370

PT-2020-20537 · Huawei · Huawei 5G Mobile Wifi E6878-370

CVE-2020-9241

Related Identifiers

Affected Products

References · 3