Details of VAR-200902-0691

ID

VAR-200902-0691

TITLE

Huawei E960 HSDPA Router SMS Cross-Site Scripting Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2009-1121

DESCRIPTION

The Huawei E960 is a small dual-mode wireless gateway and USB modem. Huawei E960 routers allow sending and receiving text messages through their web interface, but the first 32 characters of each text message are displayed without escaping in the inbox view, so remote attackers can perform cross-sites by sending malicious text messages. Script attack. In addition, the attacker can also merge multiple messages by injecting a javascript commentary by sending multiple text messages to bypass the 32-character limit. After being attacked, you cannot use the Inbox page to delete the received text message because the delete key is no longer valid. You must use the username admin and password admin telnet to the router to move text messages. The Huawei E960 uses the busybox shell, so you can use the standard rm command to move text messages (located at /tmp/sms/inbox_sms) before you can delete them from the inbox page. Huawei E960 HSDPA Router is prone to an HTML-injection vulnerability because the device's web-based interface fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible. Huawei E960 HSDPA Router with firmware 246.11.04.11.110sp04 is vulnerable; other versions may also be affected

Trust: 0.81

sources: CNVD: CNVD-2009-1121 // BID: 33866

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2009-1121

AFFECTED PRODUCTS

vendor:	no	model:	-	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	e960 hsdpa router 11.110sp04	scope:	eq	version:	246.11.4	Trust: 0.3

sources: CNVD: CNVD-2009-1121 // BID: 33866

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2009-1121
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2009-1121
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2009-1121

THREAT TYPE

network

Trust: 0.3

sources: BID: 33866

TYPE

Input Validation Error

Trust: 0.3

sources: BID: 33866

EXTERNAL IDS

db:	BID	id:	33866	Trust: 0.9
db:	CNVD	id:	CNVD-2009-1121	Trust: 0.6

sources: CNVD: CNVD-2009-1121 // BID: 33866

REFERENCES

url:	http://www.huawei.com/	Trust: 0.3
url:	/archive/1/501178	Trust: 0.3

sources: BID: 33866

CREDITS

Rizki Wicaksono

Trust: 0.3

sources: BID: 33866

SOURCES

db:	CNVD	id:	CNVD-2009-1121
db:	BID	id:	33866

LAST UPDATE DATE

2022-05-17T01:49:20.492000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2009-1121	date:	2014-01-27T00:00:00
db:	BID	id:	33866	date:	2009-02-23T21:17:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2009-1121	date:	2009-02-23T00:00:00
db:	BID	id:	33866	date:	2009-02-23T00:00:00