CVE-2019-5269

Published: Nov 29, 2019Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Some Huawei home routers have an improper authorization vulnerability. Due to improper authorization of certain programs, an attacker can exploit this vulnerability to execute uploaded malicious files and escalate privilege.

Affected (23)

Products: Huawei: Cd10 10 Firmware, Cd16 10 Firmware, Cd17 10 Firmware, Cd18 10 Firmware, Hirouter Cd15 10 Firmware, Hirouter Cd20 10 Firmware, Hirouter Cd21 16 Firmware, Hirouter Cd30 10 Firmware, Hirouter Cd30 11 Firmware, Hirouter H1 10 Firmware, Tc5200 10 Firmware, Ws5100 10 Firmware, Ws5102 10 Firmware, Ws5106 10 Firmware, Ws5108 10 Firmware, Ws5200 10 Firmware, Ws5200 11 Firmware, Ws5280 10 Firmware, Ws5280 11 Firmware, Ws6500 10 Firmware, Ws6500 11 Firmware, Ws826 10 Firmware

22 products

Hirouter Cd15 10 Firmware

Hirouter Cd20 10 Firmware

Hirouter Cd21 16 Firmware

Hirouter Cd30 10 Firmware

Hirouter Cd30 11 Firmware

Hirouter H1 10 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Cd10 10 Firmware	From 10.0.2.2 to 10.0.2.7

Running on/with	Platform Versions
Huawei Cd10 10	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Cd16 10 Firmware	From 10.0.2.3 to 10.0.2.5

Running on/with	Platform Versions
Huawei Cd16 10	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Cd17 10 Firmware	From 9.0.3.3 to 10.0.2.5

Running on/with	Platform Versions
Huawei Cd17 10	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Cd18 10 Firmware	From 9.0.2.23 to 10.0.2.5

Running on/with	Platform Versions
Huawei Cd18 10	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Hirouter Cd15 10 Firmware	From 9.0.2.3 to 10.0.2.5

Running on/with	Platform Versions
Huawei Hirouter Cd15 10	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Hirouter Cd20 10 Firmware	From 9.0.3.9 to 10.0.2.6

Running on/with	Platform Versions
Huawei Hirouter Cd20 10	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Hirouter Cd21 16 Firmware	From 9.0.3.9 to 10.0.2.5

Running on/with	Platform Versions
Huawei Hirouter Cd21 16	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Hirouter Cd30 10 Firmware	From 10.0.2.8 to 10.0.2.9

Running on/with	Platform Versions
Huawei Hirouter Cd30 10	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Hirouter Cd30 11 Firmware	From 10.0.2.8 to 10.0.2.9

Running on/with	Platform Versions
Huawei Hirouter Cd30 11	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Hirouter H1 10 Firmware	From 9.0.3.11 to 10.0.2.5

Running on/with	Platform Versions
Huawei Hirouter H1 10	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Tc5200 10 Firmware	From 10.0.2.3 to 10.0.2.5

Running on/with	Platform Versions
Huawei Tc5200 10	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Ws5100 10 Firmware	From 9.0.3.11 to 10.0.2.7

Running on/with	Platform Versions
Huawei Ws5100 10	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Ws5102 10 Firmware	From 10.0.2.2 to 10.0.2.7

Running on/with	Platform Versions
Huawei Ws5102 10	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Ws5106 10 Firmware	From 10.0.2.2 to 10.0.2.7

Running on/with	Platform Versions
Huawei Ws5106 10	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Ws5108 10 Firmware	From 10.0.2.2 to 10.0.2.7

Running on/with	Platform Versions
Huawei Ws5108 10	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Ws5200 10 Firmware	From 9.0.3.9 to 10.0.2.6

Running on/with	Platform Versions
Huawei Ws5200 10	All versions

Configuration Q

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Ws5200 11 Firmware	Version 10.0.2.3
Huawei Ws5200 11 Firmware	Version 9.0.3.11

Running on/with	Platform Versions
Huawei Ws5200 11	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Ws5280 10 Firmware	From 9.0.3.22 to 10.0.2.6

Running on/with	Platform Versions
Huawei Ws5280 10	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Ws5280 11 Firmware	From 9.0.3.22 to 10.0.2.6

Running on/with	Platform Versions
Huawei Ws5280 11	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Ws6500 10 Firmware	From 10.0.2.3 to 10.0.2.5

Running on/with	Platform Versions
Huawei Ws6500 10	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Ws6500 11 Firmware	From 10.0.2.2 to 10.0.2.7

Running on/with	Platform Versions
Huawei Ws6500 11	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Ws826 10 Firmware	From 9.0.3.11 to 10.0.2.5

Running on/with	Platform Versions
Huawei Ws826 10	All versions

References (2)

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en

Source: psirt@huawei.com

Vendor Advisory

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-homerouter-en

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.