Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
3 vulnerabilities found for hg532s by huawei
VAR-201511-0079
Vulnerability from variot - Updated: 2025-04-13 23:14Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s devices allows remote attackers to read arbitrary files via a .. (dot dot) in an icon/ URI. For example, a remote attacker http://[IP address ]:37215/icon/../../../etc/inittab By directly accessing inittab It is possible to get the file. Depending on your settings, LAN You may be exposed to these attacks from the outside. Huawei HG532e, HG532n, and HG532s are wireless router products from Huawei. Multiple Huawei HG532 routers are prone to a directory-traversal vulnerability. An attacker can exploit this issue to obtain sensitive information that could aid in further attacks. The following products are affected: Huawei HG532e, HG532n, HG532s
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201511-0079",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hg532e",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "hg532n",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "hg532s",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "hg532s",
"scope": null,
"trust": 1.4,
"vendor": "huawei",
"version": null
},
{
"model": "hg532n",
"scope": null,
"trust": 1.4,
"vendor": "huawei",
"version": null
},
{
"model": "hg532e",
"scope": null,
"trust": 1.4,
"vendor": "huawei",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ws550-10",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ws318-10",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "hg532s",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "hg532n",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "hg532e",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "hg532",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ws550-10 v100r001c01b020",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ws550-10 v100r001c01b019",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ws318-10 v100r001c01b022",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hg532e v100r001c02b017",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#438928"
},
{
"db": "CNVD",
"id": "CNVD-2015-07474"
},
{
"db": "BID",
"id": "77506"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005776"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-114"
},
{
"db": "NVD",
"id": "CVE-2015-7254"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:huawei:hg532e",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:hg532n",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:hg532s",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005776"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Roberto Paleari and Aristide Fattori",
"sources": [
{
"db": "BID",
"id": "77506"
}
],
"trust": 0.3
},
"cve": "CVE-2015-7254",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-7254",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "ADJACENT NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 3.3,
"collateralDamagePotential": "NONE",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 2.0,
"exploitability": "FUNCTIONAL",
"exploitabilityScore": 6.5,
"id": "CVE-2015-7254",
"impactScore": 2.9,
"integrityImpact": "NONE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "LOW",
"targetDistribution": "MEDIUM",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2015-07474",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-85215",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7254",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7254",
"trust": 0.8,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2015-7254",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-07474",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201511-114",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-85215",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#438928"
},
{
"db": "CNVD",
"id": "CNVD-2015-07474"
},
{
"db": "VULHUB",
"id": "VHN-85215"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005776"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-114"
},
{
"db": "NVD",
"id": "CVE-2015-7254"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s devices allows remote attackers to read arbitrary files via a .. (dot dot) in an icon/ URI. For example, a remote attacker http://[IP address ]:37215/icon/../../../etc/inittab By directly accessing inittab It is possible to get the file. Depending on your settings, LAN You may be exposed to these attacks from the outside. Huawei HG532e, HG532n, and HG532s are wireless router products from Huawei. Multiple Huawei HG532 routers are prone to a directory-traversal vulnerability. \nAn attacker can exploit this issue to obtain sensitive information that could aid in further attacks. The following products are affected: Huawei HG532e, HG532n, HG532s",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7254"
},
{
"db": "CERT/CC",
"id": "VU#438928"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005776"
},
{
"db": "CNVD",
"id": "CNVD-2015-07474"
},
{
"db": "BID",
"id": "77506"
},
{
"db": "VULHUB",
"id": "VHN-85215"
}
],
"trust": 3.24
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/438928",
"trust": 0.8,
"type": "unknown"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-85215",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#438928"
},
{
"db": "VULHUB",
"id": "VHN-85215"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#438928",
"trust": 4.2
},
{
"db": "NVD",
"id": "CVE-2015-7254",
"trust": 3.4
},
{
"db": "BID",
"id": "77506",
"trust": 1.4
},
{
"db": "EXPLOIT-DB",
"id": "45991",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU94520968",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005776",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201511-114",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-07474",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-89721",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-89765",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150788",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-85215",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#438928"
},
{
"db": "CNVD",
"id": "CNVD-2015-07474"
},
{
"db": "VULHUB",
"id": "VHN-85215"
},
{
"db": "BID",
"id": "77506"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005776"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-114"
},
{
"db": "NVD",
"id": "CVE-2015-7254"
}
]
},
"id": "VAR-201511-0079",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07474"
},
{
"db": "VULHUB",
"id": "VHN-85215"
}
],
"trust": 1.27187501
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07474"
}
]
},
"last_update_date": "2025-04-13T23:14:24.721000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patches for various Huawei product catalog traversal vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/66572"
},
{
"title": "Multiple Huawei Product Directory Traversal Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58609"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07474"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-114"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85215"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005776"
},
{
"db": "NVD",
"id": "CVE-2015-7254"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.kb.cert.org/vuls/id/438928"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/77506"
},
{
"trust": 1.1,
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-462908"
},
{
"trust": 1.1,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-462908.htm"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/45991/"
},
{
"trust": 1.1,
"url": "https://github.com/0xadrian/scripts/blob/master/2015_7254_exploit.py"
},
{
"trust": 0.8,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-notices/hw-460507.htm"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7254"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu94520968/index.html"
},
{
"trust": 0.8,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7254"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/psirt/security-advisories/2015/hw-462908"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#438928"
},
{
"db": "CNVD",
"id": "CNVD-2015-07474"
},
{
"db": "VULHUB",
"id": "VHN-85215"
},
{
"db": "BID",
"id": "77506"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005776"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-114"
},
{
"db": "NVD",
"id": "CVE-2015-7254"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#438928"
},
{
"db": "CNVD",
"id": "CNVD-2015-07474"
},
{
"db": "VULHUB",
"id": "VHN-85215"
},
{
"db": "BID",
"id": "77506"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005776"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-114"
},
{
"db": "NVD",
"id": "CVE-2015-7254"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-06T00:00:00",
"db": "CERT/CC",
"id": "VU#438928"
},
{
"date": "2015-11-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07474"
},
{
"date": "2015-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-85215"
},
{
"date": "2015-11-06T00:00:00",
"db": "BID",
"id": "77506"
},
{
"date": "2015-11-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005776"
},
{
"date": "2015-11-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-114"
},
{
"date": "2015-11-07T03:59:01.517000",
"db": "NVD",
"id": "CVE-2015-7254"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-09T00:00:00",
"db": "CERT/CC",
"id": "VU#438928"
},
{
"date": "2015-11-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07474"
},
{
"date": "2018-12-15T00:00:00",
"db": "VULHUB",
"id": "VHN-85215"
},
{
"date": "2016-11-24T01:09:00",
"db": "BID",
"id": "77506"
},
{
"date": "2015-11-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005776"
},
{
"date": "2015-11-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-114"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-7254"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-114"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei HG532 routers contain a path traversal vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#438928"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-114"
}
],
"trust": 0.6
}
}
CVE-2015-7254 (GCVE-0-2015-7254)
Vulnerability from nvd – Published: 2015-11-07 02:00 – Updated: 2024-08-06 07:43
VLAI?
Summary
Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s devices allows remote attackers to read arbitrary files via a .. (dot dot) in an icon/ URI.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2015-11-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:43:46.260Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45991",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45991/"
},
{
"name": "VU#438928",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/438928"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xAdrian/scripts/blob/master/2015_7254_exploit.py"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-462908.htm"
},
{
"name": "77506",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77506"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-462908"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s devices allows remote attackers to read arbitrary files via a .. (dot dot) in an icon/ URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-15T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "45991",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45991/"
},
{
"name": "VU#438928",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/438928"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xAdrian/scripts/blob/master/2015_7254_exploit.py"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-462908.htm"
},
{
"name": "77506",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77506"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-462908"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7254",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s devices allows remote attackers to read arbitrary files via a .. (dot dot) in an icon/ URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45991",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45991/"
},
{
"name": "VU#438928",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/438928"
},
{
"name": "https://github.com/0xAdrian/scripts/blob/master/2015_7254_exploit.py",
"refsource": "MISC",
"url": "https://github.com/0xAdrian/scripts/blob/master/2015_7254_exploit.py"
},
{
"name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-462908.htm",
"refsource": "CONFIRM",
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-462908.htm"
},
{
"name": "77506",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77506"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/hw-462908",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-462908"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-7254",
"datePublished": "2015-11-07T02:00:00.000Z",
"dateReserved": "2015-09-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T07:43:46.260Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7254 (GCVE-0-2015-7254)
Vulnerability from cvelistv5 – Published: 2015-11-07 02:00 – Updated: 2024-08-06 07:43
VLAI?
Summary
Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s devices allows remote attackers to read arbitrary files via a .. (dot dot) in an icon/ URI.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2015-11-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:43:46.260Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45991",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45991/"
},
{
"name": "VU#438928",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/438928"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xAdrian/scripts/blob/master/2015_7254_exploit.py"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-462908.htm"
},
{
"name": "77506",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77506"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-462908"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s devices allows remote attackers to read arbitrary files via a .. (dot dot) in an icon/ URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-15T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "45991",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45991/"
},
{
"name": "VU#438928",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/438928"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xAdrian/scripts/blob/master/2015_7254_exploit.py"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-462908.htm"
},
{
"name": "77506",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77506"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-462908"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7254",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s devices allows remote attackers to read arbitrary files via a .. (dot dot) in an icon/ URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45991",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45991/"
},
{
"name": "VU#438928",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/438928"
},
{
"name": "https://github.com/0xAdrian/scripts/blob/master/2015_7254_exploit.py",
"refsource": "MISC",
"url": "https://github.com/0xAdrian/scripts/blob/master/2015_7254_exploit.py"
},
{
"name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-462908.htm",
"refsource": "CONFIRM",
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-462908.htm"
},
{
"name": "77506",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77506"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/hw-462908",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-462908"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-7254",
"datePublished": "2015-11-07T02:00:00.000Z",
"dateReserved": "2015-09-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T07:43:46.260Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}