Sign-up

ID

VAR-202004-2254


TITLE

Huawei HG630 V2 Home Pass Certification Bypass Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2020-26858

DESCRIPTION

Huawei Technologies Co., Ltd. (hereinafter referred to as Huawei) was established in 1987, and its headquarter is located in Yigang District, Shenzhen City, East China. Huawei is a leading global provider of information and communication technology (ICT) solutions, focusing on the ICT field. The Huawei HG630 V2 family gateway has an authentication bypass vulnerability. Attackers can use this vulnerability to access /api/system/deviceinfo to obtain device information such as serial numbers.

Trust: 0.6

sources: CNVD: CNVD-2020-26858

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-26858

AFFECTED PRODUCTS

vendor:huaweimodel:hg630 homegatewayscope:eqversion:v2

Trust: 0.6

sources: CNVD: CNVD-2020-26858

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2020-26858
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2020-26858
severity: MEDIUM
baseScore: 5.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2020-26858

EXTERNAL IDS

db:SEEBUGid:SSVID-98208

Trust: 0.6

db:CNVDid:CNVD-2020-26858

Trust: 0.6

sources: CNVD: CNVD-2020-26858

REFERENCES

url:https://www.zoomeye.org/searchresult?q=%22%3ctitle%3ehg630%

Trust: 0.6

url:https://www.seebug.org/vuldb/ssvid-98208

Trust: 0.6

sources: CNVD: CNVD-2020-26858

SOURCES

db:CNVDid:CNVD-2020-26858

LAST UPDATE DATE

2022-05-17T01:57:37.361000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2020-26858date:2020-05-07T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2020-26858date:2020-04-15T00:00:00