ID
VAR-E-201312-0435
TITLE
Huawei B593u-12 And T-Mobile HOME NET Router Multiple Security Vulnerabilities
Trust: 0.3
DESCRIPTION
Huawei B593u-12 And T-Mobile HOME NET Router are prone to the following security vulnerabilities:
1. An information-disclosure vulnerability
2. A security-bypass vulnerability
3. A command-injection vulnerability
4. A directory-traversal vulnerability.
5. A cross-site request-forgery vulnerability
Exploiting these issues may allow a remote attacker to obtain sensitive information, perform certain administrative actions, bypass certain security restrictions, access arbitrary files, execute arbitrary commands, and gain unauthorized access to the affected device. Other attacks are also possible.
The following products are vulnerable:
Huawei B593u-12 version V100R001C54SP063
T-Mobile HOME NET Router version V100R001C54SP063
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | t mobile | model: | home net router v100r001c54sp063 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | huawei | model: | b593u-12 v100r001c54sp063 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | t mobile | model: | home net router v100r001c55sp102 | scope: | ne | version: | - | Trust: 0.3 |
EXPLOIT
An attacker can exploit these issues through a browser or readily available tools. To exploit the cross-site request-forgery issue, the attacker must entice an unsuspecting victim into following a malicious URI.
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Unknown
Trust: 0.3
CREDITS
J. Greil, asiantuntijakaveri@ichtyotoxism
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 65132 | Trust: 0.3 |
REFERENCES
| url: | https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140122-0_t-mobile_homenet_lte_huawei_b593_router_critical_vulnerabilities_wo_poc_v10.txt | Trust: 0.3 |
| url: | http://www.t-mobile.at/ | Trust: 0.3 |
| url: | http://blog.t-mobile.at/2014/01/22/software-updates-schuetzen-vor-sicherheitsluecken/ | Trust: 0.3 |
| url: | http://www.huawei.com | Trust: 0.3 |
| url: | http://blog.asiantuntijakaveri.fi/2013/08/gaining-root-shell-on-huawei-b593-4g.html | Trust: 0.3 |
SOURCES
| db: | BID | id: | 65132 |
LAST UPDATE DATE
2022-07-27T09:40:23.882000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 65132 | date: | 2013-12-12T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 65132 | date: | 2013-12-12T00:00:00 |