VAR-201002-0313
Vulnerability from variot - Updated: 2022-05-17 02:08Huawei HG510 is a terminal device for home digital networks that provides ADSL connectivity. The Huawei HG510 has a security vulnerability that allows an attacker to bypass security restrictions and perform cross-site request forgery attacks: - The device does not perform any security checks to allow the user to perform some operations through HTTP requests, such as rebooting the device or changing settings (including passwords). - The device does not properly restrict access to the script rebootinfo.cgi, and can directly access the script to restart the device. Note that this also attacks through cross-site request forgery attacks. ----------------------------------------------------------------------
Public Beta of CSI and WSUS Integration http://secunia.com/blog/74
TITLE: Huawei HG510 Security Bypass and Cross-Site Request Forgery Vulnerabilities
SECUNIA ADVISORY ID: SA38591
VERIFY ADVISORY: http://secunia.com/advisories/38591/
DESCRIPTION: Ivan Markovic has reported some vulnerabilities in Huawei HG510, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site request forgery attacks. This can be exploited to e.g. reboot the device or change certain settings (including passwords). Do not browse untrusted websites or follow untrusted links while logged in to the device.
PROVIDED AND/OR DISCOVERED BY: Ivan Markovic, Network Security Solutions
ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2010-02/0155.html
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201002-0313",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hg",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "510"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0259"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "86609"
}
],
"trust": 0.1
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei HG510 is a terminal device for home digital networks that provides ADSL connectivity. The Huawei HG510 has a security vulnerability that allows an attacker to bypass security restrictions and perform cross-site request forgery attacks: - The device does not perform any security checks to allow the user to perform some operations through HTTP requests, such as rebooting the device or changing settings (including passwords). - The device does not properly restrict access to the script rebootinfo.cgi, and can directly access the script to restart the device. Note that this also attacks through cross-site request forgery attacks. ----------------------------------------------------------------------\n\n\nPublic Beta of CSI and WSUS Integration\nhttp://secunia.com/blog/74\n\n\n----------------------------------------------------------------------\n\nTITLE:\nHuawei HG510 Security Bypass and Cross-Site Request Forgery\nVulnerabilities\n\nSECUNIA ADVISORY ID:\nSA38591\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/38591/\n\nDESCRIPTION:\nIvan Markovic has reported some vulnerabilities in Huawei HG510,\nwhich can be exploited by malicious people to bypass certain security\nrestrictions and conduct cross-site request forgery attacks. This can be exploited to e.g. reboot the device or change\ncertain settings (including passwords). Do not browse untrusted websites or\nfollow untrusted links while logged in to the device. \n\nPROVIDED AND/OR DISCOVERED BY:\nIvan Markovic, Network Security Solutions\n\nORIGINAL ADVISORY:\nhttp://archives.neohapsis.com/archives/bugtraq/2010-02/0155.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0259"
},
{
"db": "PACKETSTORM",
"id": "86609"
}
],
"trust": 0.63
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "38591",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2010-0259",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "86609",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0259"
},
{
"db": "PACKETSTORM",
"id": "86609"
}
]
},
"id": "VAR-201002-0313",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0259"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0259"
}
]
},
"last_update_date": "2022-05-17T02:08:22.493000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.7,
"url": "http://secunia.com/advisories/38591/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-02/0155.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/74"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0259"
},
{
"db": "PACKETSTORM",
"id": "86609"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2010-0259"
},
{
"db": "PACKETSTORM",
"id": "86609"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-02-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0259"
},
{
"date": "2010-02-23T17:05:22",
"db": "PACKETSTORM",
"id": "86609"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-02-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0259"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei HG510 Secure Bypass and Cross-Site Script Request Forgery Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0259"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "csrf",
"sources": [
{
"db": "PACKETSTORM",
"id": "86609"
}
],
"trust": 0.1
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…