Huawei EchoLife HG520c 'AutoRestart.html' Authentication Bypass Vulnerability
BID:39650
Info
Huawei EchoLife HG520c 'AutoRestart.html' Authentication Bypass Vulnerability
| Bugtraq ID: | 39650 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 22 2010 12:00AM |
| Updated: | Apr 22 2010 12:00AM |
| Credit: | hkm |
| Vulnerable: |
Huawei EchoLife HG520c 3.10.18.7-1.0.7.0 Huawei EchoLife HG520c 3.10.18.7-1.0.5.0 |
| Not Vulnerable: | |
Discussion
Huawei EchoLife HG520c 'AutoRestart.html' Authentication Bypass Vulnerability
The Huawei EchoLife HG520c is prone to an authentication-bypass vulnerability.
Attackers can leverage this issue to restart the device without proper authentication. Successful exploits may lead to other attacks.
The following Huawei EchoLife HG520c firmware and software versions are vulnerable:
Firmware 3.10.18.7-1.0.7.0, 3.10.18.5-1.0.7.0, 3.10.18.4
Software Versions: V100R001B120Telmex, V100R001B121Telmex
The Huawei EchoLife HG520c is prone to an authentication-bypass vulnerability.
Attackers can leverage this issue to restart the device without proper authentication. Successful exploits may lead to other attacks.
The following Huawei EchoLife HG520c firmware and software versions are vulnerable:
Firmware 3.10.18.7-1.0.7.0, 3.10.18.5-1.0.7.0, 3.10.18.4
Software Versions: V100R001B120Telmex, V100R001B121Telmex
Solution / Fix
Huawei EchoLife HG520c 'AutoRestart.html' Authentication Bypass Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Huawei EchoLife HG520c 'AutoRestart.html' Authentication Bypass Vulnerability
References:
References:
- EchoLife HG520 - Homepage (Huawei)