Описание
Huawei Mobile WiFi E5151 routers with software before E5151s-2TCPU-V200R001B146D27SP00C00 and E5186 routers with software before V200R001B310D01SP00C00 allow DNS query packets using the static source port, which makes it easier for remote attackers to spoof responses via unspecified vectors.
Ссылки
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до e5151s-2tcpu-v200r001b141d13sp00c1080 (включая)Версия до v200r001b306d01c00 (включая)
Одновременно
Одно из
cpe:2.3:h:huawei:e5151:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:e5186:-:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:huawei:e5151_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:huawei:e5186_firmware:*:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00569
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
Huawei Mobile WiFi E5151 routers with software before E5151s-2TCPU-V200R001B146D27SP00C00 and E5186 routers with software before V200R001B310D01SP00C00 allow DNS query packets using the static source port, which makes it easier for remote attackers to spoof responses via unspecified vectors.
EPSS
Процентиль: 68%
0.00569
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-20