ID

VAR-201004-0518

TITLE

Huawei EchoLife HG520c 'AutoRestart.html'Verification Bypass Vulnerability

DESCRIPTION

Huawei EchoLife HG520 is a wireless router of the SOHO series. Huawei EchoLife HG520 lacks the correct access restrictions for the 'AutoRestart.html' script, and an attacker can exploit the vulnerability without having to verify the reboot device. Huawei EchoLife HG520 is a family gateway series designed for home Internet and home office. If the remote user submits an index variable longer than 7 characters to the /rpLocalDeviceJump.html page of the EchoLife HG520 management console, the device will reboot. Use of this vulnerability requires certification. The Huawei EchoLife HG520c is prone to an authentication-bypass vulnerability. Attackers can leverage this issue to restart the device without proper authentication. Successful exploits may lead to other attacks. The following Huawei EchoLife HG520c firmware and software versions are vulnerable: Firmware 3.10.18.7-1.0.7.0, 3.10.18.5-1.0.7.0, 3.10.18.4 Software Versions: V100R001B120Telmex, V100R001B121Telmex. ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Huawei HG520 Two Vulnerabilities SECUNIA ADVISORY ID: SA39491 VERIFY ADVISORY: http://secunia.com/advisories/39491/ DESCRIPTION: Two vulnerabilities have been reported in Huawei HG520, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service). 1) An unspecified error in the handling of UDP packets can be exploited to view the device configuration data (e.g. PPPoE credentials used to access the ISP's network) via a specially crafted packet sent to port 43690 . 2) The device does not properly restrict access to the AutoRestart.html script. SOLUTION: Restrict access to the device to trusted hosts only (e.g. via network access control lists). PROVIDED AND/OR DISCOVERED BY: hkm ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/12297 http://www.exploit-db.com/exploits/12298 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

IOT TAXONOMY

AFFECTED PRODUCTS

THREAT TYPE

network

TYPE

Access Validation Error

EXTERNAL IDS

REFERENCES

CREDITS

hkm

SOURCES

LAST UPDATE DATE

2022-05-17T02:04:52.878000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE