Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU22787
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-5269
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
Description
The vulnerability allows a local user to bypass authorization checks.
The vulnerability exists due to improper authorization of certain programs. A local user can execute uploaded malicious files and escalate privileges on the target system.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
Huawei CD10-10: 10.0.2.2
Huawei CD16-10: 10.0.2.3
Huawei WS5102-10: 10.0.2.2
Huawei WS5106-10: 10.0.2.2
Huawei WS5108-10: 10.0.2.2
Huawei WS5200-10: 9.0.3.9 - 10.0.2.2(C05)
Huawei WS5200-11: 9.0.3.11 - 10.0.2.3
Huawei WS5280-10: 9.0.3.22
Huawei WS5280-11: 9.0.3.22
Huawei WS6500-10: 10.0.2.3
Huawei WS6500-11: 10.0.2.2
Huawei WS826-10: 9.0.3.11
Huawei WS5100-10: 9.0.3.11
Huawei TC5200-10: 10.0.2.3
Huawei HiRouter-H1-10: 9.0.3.11
Huawei HiRouter-CD30-11: 10.0.2.8
Huawei HiRouter-CD30-10: 10.0.2.8
Huawei HiRouter-CD21-16: 9.0.3.9
Huawei HiRouter-CD20-10: 9.0.3.9
Huawei HiRouter-CD15-10: 9.0.2.3
Huawei CD18-10: 9.0.2.23
Huawei CD17-10: 9.0.3.3
External links
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU22780
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-5268
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a local user to upload arbitrary files.
The vulnerability exists due to insufficient validation of user-supplied input. An authenticated attacker on an adjacent network with access to the device can send a specially crafted packet to obtain files on the device and upload files to some directories.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
Huawei CD10-10: 10.0.2.2
Huawei CD16-10: 10.0.2.3
Huawei WS5102-10: 10.0.2.2
Huawei WS5106-10: 10.0.2.2
Huawei WS5108-10: 10.0.2.2
Huawei WS5200-10: 9.0.3.9 - 10.0.2.2(C05)
Huawei WS5200-11: 9.0.3.11 - 10.0.2.3
Huawei WS5280-10: 9.0.3.22
Huawei WS5280-11: 9.0.3.22
Huawei WS6500-10: 10.0.2.3
Huawei WS6500-11: 10.0.2.2
Huawei WS826-10: 9.0.3.11
Huawei WS5100-10: 9.0.3.11
Huawei TC5200-10: 10.0.2.3
Huawei HiRouter-H1-10: 9.0.3.11
Huawei HiRouter-CD30-11: 10.0.2.8
Huawei HiRouter-CD30-10: 10.0.2.8
Huawei HiRouter-CD21-16: 9.0.3.9
Huawei HiRouter-CD20-10: 9.0.3.9
Huawei HiRouter-CD15-10: 9.0.2.3
Huawei CD18-10: 9.0.2.23
Huawei CD17-10: 9.0.3.3
External links
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.