Sign-up

ID

VAR-201909-1665


TITLE

Huawei HG530 Reboot Restore Privilege Elevation Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2019-33614

DESCRIPTION

Huawei HG530 is a router that integrates ADSL2, broadband sharer, 4-port switch and 54M wireless access point. Huawei HG530 Reboot Restore has an elevation of privilege vulnerability, which originates from the fact that the program does not perform complete verification and error detection on the file path. An attacker could exploit this vulnerability to upload privileges by uploading malicious software using the REST API.

Trust: 0.6

sources: CNVD: CNVD-2019-33614

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-33614

AFFECTED PRODUCTS

vendor:huaweimodel:hg530scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2019-33614

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2019-33614
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2019-33614
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2019-33614

EXTERNAL IDS

db:CXSECURITYid:WLB-2019070092

Trust: 0.6

db:CNVDid:CNVD-2019-33614

Trust: 0.6

sources: CNVD: CNVD-2019-33614

REFERENCES

url:https://cxsecurity.com/issue/wlb-2019070092

Trust: 0.6

sources: CNVD: CNVD-2019-33614

SOURCES

db:CNVDid:CNVD-2019-33614

LAST UPDATE DATE

2022-05-17T01:43:06.385000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2019-33614date:2019-09-29T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2019-33614date:2019-09-29T00:00:00