Описание
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei WS331a routers with software before WS331a-10 V100R001C01B112 allow remote attackers to hijack the authentication of administrators for requests that (1) restore factory settings or (2) reboot the device via unspecified vectors.
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:huawei:ws331a_router_firmware:ws331a-10_v100r001c02b017sp01:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws331a_router:-:*:*:*:*:*:*:*
EPSS
Процентиль: 38%
0.00161
Низкий
6.1 Medium
CVSS3
7.1 High
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei WS331a routers with software before WS331a-10 V100R001C01B112 allow remote attackers to hijack the authentication of administrators for requests that (1) restore factory settings or (2) reboot the device via unspecified vectors.
EPSS
Процентиль: 38%
0.00161
Низкий
6.1 Medium
CVSS3
7.1 High
CVSS2
Дефекты
CWE-352