CVE-2023-7266

Name of the Vulnerable Software and Affected Versions: Huawei home routers (affected versions not specified) Huawei TC7001-10, WS7200-10, and WS7206-10 (affected versions not specified)

Description: The issue is related to a connection hijacking vulnerability in some Huawei home routers. This vulnerability can be exploited to cause denial of service (DoS) attacks or information leakage. The vulnerability is associated with a lack of session fixation mechanism due to the absence of reverse address checking and TCP connection tracing.

Recommendations: For Huawei home routers, consider restricting access to the device until a patch is available. For Huawei TC7001-10, WS7200-10, and WS7206-10, restrict access to the vulnerable Wi-Fi module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.