VAR-201306-0351
Vulnerability from variot - Updated: 2025-04-11 23:12The Huawei Access Router (AR) before V200R002SPC003 allows remote attackers to cause a denial of service (device reset) via a crafted field in a DHCP request, as demonstrated by a request from an IP phone. Huawei AR Series Routers is a low-end router device introduced by Huawei. The Huawei AR series routers have an error in the authentication and authorization fields in the DHCP packets. The remote attacker is allowed to use the vulnerability to send specially-made DHCP packets to reset the device. To successfully exploit the vulnerability, the device needs to be used as a DHCP server. Successful exploitation of this vulnerability could result in a denial of service. Successfully exploiting this issue will result in a denial-of-service condition. Huawei AR V200R002C01SPC200 and prior versions are vulnerable. This product provides mobile and fixed network access methods, suitable for enterprise networks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201306-0351",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "access router",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r002c01spc200"
},
{
"model": "ar series routers ar v200r002c01spc200",
"scope": "lte",
"trust": 0.6,
"vendor": "huawei",
"version": "\u003c="
},
{
"model": "access router",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r002c01spc200"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02863"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003091"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-412"
},
{
"db": "NVD",
"id": "CVE-2013-4632"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:huawei:access_router",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003091"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "58939"
}
],
"trust": 0.3
},
"cve": "CVE-2013-4632",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-4632",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CNVD-2013-02863",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-64634",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-4632",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-4632",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2013-02863",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201306-412",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-64634",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02863"
},
{
"db": "VULHUB",
"id": "VHN-64634"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003091"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-412"
},
{
"db": "NVD",
"id": "CVE-2013-4632"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Huawei Access Router (AR) before V200R002SPC003 allows remote attackers to cause a denial of service (device reset) via a crafted field in a DHCP request, as demonstrated by a request from an IP phone. Huawei AR Series Routers is a low-end router device introduced by Huawei. The Huawei AR series routers have an error in the authentication and authorization fields in the DHCP packets. The remote attacker is allowed to use the vulnerability to send specially-made DHCP packets to reset the device. To successfully exploit the vulnerability, the device needs to be used as a DHCP server. Successful exploitation of this vulnerability could result in a denial of service. \nSuccessfully exploiting this issue will result in a denial-of-service condition. \nHuawei AR V200R002C01SPC200 and prior versions are vulnerable. This product provides mobile and fixed network access methods, suitable for enterprise networks",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4632"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003091"
},
{
"db": "CNVD",
"id": "CNVD-2013-02863"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-114"
},
{
"db": "BID",
"id": "58939"
},
{
"db": "VULHUB",
"id": "VHN-64634"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-4632",
"trust": 2.8
},
{
"db": "BID",
"id": "58939",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003091",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201306-412",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-02863",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201304-114",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-64634",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02863"
},
{
"db": "VULHUB",
"id": "VHN-64634"
},
{
"db": "BID",
"id": "58939"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003091"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-412"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-114"
},
{
"db": "NVD",
"id": "CVE-2013-4632"
}
]
},
"id": "VAR-201306-0351",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02863"
},
{
"db": "VULHUB",
"id": "VHN-64634"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02863"
}
]
},
"last_update_date": "2025-04-11T23:12:49.857000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei-SA-20130407-01-AR",
"trust": 0.8,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-258476.htm"
},
{
"title": "Huawei AR Series Router DHCP Packet Parsing Denial of Service Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/33197"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02863"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003091"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-64634"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003091"
},
{
"db": "NVD",
"id": "CVE-2013-4632"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-258476.htm"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4632"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4632"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/58939"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/us/productslifecycle/datacommunicationsproducts/networksecurityproducts/hw-144650.htm"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02863"
},
{
"db": "VULHUB",
"id": "VHN-64634"
},
{
"db": "BID",
"id": "58939"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003091"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-412"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-114"
},
{
"db": "NVD",
"id": "CVE-2013-4632"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-02863"
},
{
"db": "VULHUB",
"id": "VHN-64634"
},
{
"db": "BID",
"id": "58939"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003091"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-412"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-114"
},
{
"db": "NVD",
"id": "CVE-2013-4632"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02863"
},
{
"date": "2013-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-64634"
},
{
"date": "2013-04-07T00:00:00",
"db": "BID",
"id": "58939"
},
{
"date": "2013-06-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003091"
},
{
"date": "2013-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-412"
},
{
"date": "2013-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-114"
},
{
"date": "2013-06-20T15:55:01.107000",
"db": "NVD",
"id": "CVE-2013-4632"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02863"
},
{
"date": "2013-06-21T00:00:00",
"db": "VULHUB",
"id": "VHN-64634"
},
{
"date": "2015-03-19T08:27:00",
"db": "BID",
"id": "58939"
},
{
"date": "2013-06-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003091"
},
{
"date": "2013-06-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-412"
},
{
"date": "2013-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-114"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-4632"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201306-412"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-114"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei AR Series Router DHCP Packet Parsing Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02863"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-114"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201306-412"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…