Описание
Cross-site scripting (XSS) vulnerability in the web interface on the Huawei E355 CH1E355SM modem with software 21.157.37.01.910 and Web UI 11.001.08.00.03 allows remote attackers to inject arbitrary web script or HTML via an SMS message.
Комментарий
Per: http://www.kb.cert.org/vuls/id/688812
"The following device configuration was reported to be vulnerable. Other versions may be affected: Hardware version: CH1E355SM Software version: 21.157.37.01.910 Web UI version: 11.001.08.00.03"
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Одновременно
Одно из
EPSS
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in the web interface on the Huawei E355 CH1E355SM modem with software 21.157.37.01.910 and Web UI 11.001.08.00.03 allows remote attackers to inject arbitrary web script or HTML via an SMS message.
EPSS
4.3 Medium
CVSS2