Sign-up

ID

VAR-201212-0172


CVE

CVE-2012-5969


TITLE

Huawei E585 pocket wifi 2 device contains multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#871148

DESCRIPTION

Multiple directory traversal vulnerabilities on the Huawei E585 device allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the PATH_INFO of an sdcard/ request or (2) modify arbitrary files via a .. (dot dot) in the req_page parameter to en/sms.cgi. Huawei E585 The device contains a directory traversal vulnerability.By a third party (1) sdcard/ Request .. Huawei E585 is a WiFi 3G wireless routing device. This vulnerability cannot be exploited through the WAN side. Huawei E585 is prone to a denial-of-service vulnerability, a directory-traversal vulnerability, and a security-bypass vulnerability. Huawei E585 is a high-speed wireless network access modem produced by China Huawei (Huawei). ---------------------------------------------------------------------- The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/ ---------------------------------------------------------------------- TITLE: Huawei E585 Management Interface Multiple Vulnerabilities SECUNIA ADVISORY ID: SA51596 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51596/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51596 RELEASE DATE: 2012-12-14 DISCUSS ADVISORY: http://secunia.com/advisories/51596/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/51596/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=51596 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Huawei E585, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, and cause a DoS (Denial of Service). 1) An error within the web management interface when validating the status of a logged in session can be exploited to bypass the authentication process. 3) A NULL pointer dereference error within the web management interface when processing certain web requests can be exploited to cause a crash. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-198239.htm http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-198240.htm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 3.33

sources: NVD: CVE-2012-5969 // CERT/CC: VU#871148 // JVNDB: JVNDB-2012-005763 // CNVD: CNVD-2012-7490 // BID: 56927 // VULHUB: VHN-59250 // PACKETSTORM: 118858

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2012-7490

AFFECTED PRODUCTS

vendor:huaweimodel:e585scope:eqversion: -

Trust: 1.6

vendor:huaweimodel:e585u-82scope:eqversion: -

Trust: 1.6

vendor:huaweimodel: - scope: - version: -

Trust: 0.8

vendor:huaweimodel:e585scope: - version: -

Trust: 0.8

vendor:huaweimodel:e585u-82scope: - version: -

Trust: 0.8

vendor:huaweimodel:e585 pocket wifi devicescope:eqversion:2

Trust: 0.6

sources: CERT/CC: VU#871148 // CNVD: CNVD-2012-7490 // JVNDB: JVNDB-2012-005763 // CNNVD: CNNVD-201212-215 // NVD: CVE-2012-5969

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-5969
value: MEDIUM

Trust: 1.0

NVD: CVE-2012-5969
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201212-215
value: MEDIUM

Trust: 0.6

VULHUB: VHN-59250
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2012-5969
severity: MEDIUM
baseScore: 4.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-59250
severity: MEDIUM
baseScore: 4.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-59250 // JVNDB: JVNDB-2012-005763 // CNNVD: CNNVD-201212-215 // NVD: CVE-2012-5969

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.9

sources: VULHUB: VHN-59250 // JVNDB: JVNDB-2012-005763 // NVD: CVE-2012-5969

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201212-215

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-201212-215

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-005763

PATCH
title:Top Pageurl:http://www.huawei.com/jp/
Trust: 0.8
title:Huawei-SA-20121124-1-E585url:http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-198239.htm
Trust: 0.8
title:Huawei E585 pocket wifi 2 device directory traversal vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/26540
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2012-7490 // 
            
            
            
            JVNDB: JVNDB-2012-005763

EXTERNAL IDS
db:CERT/CCid:VU#871148
Trust: 4.2
db:NVDid:CVE-2012-5969
Trust: 3.4
db:BIDid:56927
Trust: 0.9
db:JVNid:JVNVU92360060
Trust: 0.8
db:JVNDBid:JVNDB-2012-005763
Trust: 0.8
db:CNNVDid:CNNVD-201212-215
Trust: 0.7
db:SECUNIAid:51596
Trust: 0.7
db:CNVDid:CNVD-2012-7490
Trust: 0.6
db:VULHUBid:VHN-59250
Trust: 0.1
db:PACKETSTORMid:118858
Trust: 0.1
sources:
            
            
            CERT/CC: VU#871148 // 
            
            
            
            CNVD: CNVD-2012-7490 // 
            
            
            
            VULHUB: VHN-59250 // 
            
            
            
            BID: 56927 // 
            
            
            
            JVNDB: JVNDB-2012-005763 // 
            
            
            
            PACKETSTORM: 118858 // 
            
            
            
            CNNVD: CNNVD-201212-215 // 
            
            
            
            NVD: CVE-2012-5969

REFERENCES
url:http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-198239.htm
Trust: 2.9
url:http://www.kb.cert.org/vuls/id/871148
Trust: 2.8
url:http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-198240.htm
Trust: 2.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5969
Trust: 0.8
url:http://jvn.jp/cert/jvnvu92360060/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5969
Trust: 0.8
url:http://www.kb.cert.org/vuls/id/871148http
Trust: 0.6
url:http://secunia.com/advisories/51596
Trust: 0.6
url:http://www.securityfocus.com/bid/56927
Trust: 0.6
url:http://www.huaweidevice.com/worldwide/
Trust: 0.3
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=51596
Trust: 0.1
url:http://secunia.com/vulnerability_intelligence/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
Trust: 0.1
url:http://secunia.com/advisories/51596/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/personal/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/blog/325/
Trust: 0.1
url:http://secunia.com/advisories/51596/#comments
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            CERT/CC: VU#871148 // 
            
            
            
            CNVD: CNVD-2012-7490 // 
            
            
            
            VULHUB: VHN-59250 // 
            
            
            
            BID: 56927 // 
            
            
            
            JVNDB: JVNDB-2012-005763 // 
            
            
            
            PACKETSTORM: 118858 // 
            
            
            
            CNNVD: CNNVD-201212-215 // 
            
            
            
            NVD: CVE-2012-5969

CREDITS
John Bird
Trust: 0.9
sources:
            
            
            BID: 56927 // 
            
            
            
            CNNVD: CNNVD-201212-215

SOURCES
db:CERT/CCid:VU#871148
db:CNVDid:CNVD-2012-7490
db:VULHUBid:VHN-59250
db:BIDid:56927
db:JVNDBid:JVNDB-2012-005763
db:PACKETSTORMid:118858
db:CNNVDid:CNNVD-201212-215
db:NVDid:CVE-2012-5969

LAST UPDATE DATE
2025-04-11T23:05:42.389000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#871148date:2012-12-13T00:00:00
db:CNVDid:CNVD-2012-7490date:2012-12-17T00:00:00
db:VULHUBid:VHN-59250date:2012-12-19T00:00:00
db:BIDid:56927date:2015-03-19T09:35:00
db:JVNDBid:JVNDB-2012-005763date:2012-12-20T00:00:00
db:CNNVDid:CNNVD-201212-215date:2012-12-21T00:00:00
db:NVDid:CVE-2012-5969date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:CERT/CCid:VU#871148date:2012-12-13T00:00:00
db:CNVDid:CNVD-2012-7490date:2012-12-17T00:00:00
db:VULHUBid:VHN-59250date:2012-12-19T00:00:00
db:BIDid:56927date:2012-12-13T00:00:00
db:JVNDBid:JVNDB-2012-005763date:2012-12-20T00:00:00
db:PACKETSTORMid:118858date:2012-12-14T05:18:47
db:CNNVDid:CNNVD-201212-215date:2012-12-17T00:00:00
db:NVDid:CVE-2012-5969date:2012-12-19T11:55:59.797