VAR-201712-0033
Vulnerability from variot - Updated: 2025-04-20 23:30Huawei EC156, EC176, and EC177 USB Modem products with software before UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) and before V200R003B015D02SP08C1014 (23.015.02.08.1014) use a weak ACL for the "Mobile Partner" directory, which allows remote attackers to gain SYSTEM privileges by compromising a low privilege account and modifying Mobile Partner.exe. Huawei EC156 , EC176 ,and EC177 USB Modem product software contains an unreliable search path vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. du Mobile Broadband is a wireless bandwidth device from China's Huawei. There is a local elevation of privilege vulnerability in du Mobile broadband. A local attacker could use this vulnerability to execute arbitrary code with SYSTEM privileges. There are vulnerabilities in du Mobile broadband 16.002.03.16.124, other versions may also be affected. This may aid in further attacks. It lets you access du wireless internetwherever you are and whenever you need it, all powered throughyour mobile data SIM or simply by connecting your 3G USB stickto your device.The application is vulnerable to an elevation of privilegesvulnerability which can be used by a simple user that can changethe executable file with a binary of choice. The vulnerabilityexist due to the improper permissions, with the 'F' flag (full)for the 'Everyone' and 'Users' group, for the 'du Mobile Broadband.exe'binary file. The files are installed in the 'du Mobile Broadband'directory which has the Everyone group assigned to it with fullpermissions making every single file inside vulnerable to changeby any user on the affected machine. After you replace the binarywith your rootkit, on reboot you get SYSTEM privileges.Tested on: Microsoft Windows 7 Ultimate SP1 (EN) 64bit. Huawei EC156, EC176 and EC177 are wireless network card products of China Huawei (Huawei). The following versions are affected: Huawei EC156 UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) Version; EC176 UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) Version; EC177 UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) Version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201712-0033",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ec176",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003b009d05sp03c1014"
},
{
"model": "ec156",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003b009d05sp03c1014"
},
{
"model": "ec177",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003b009d05sp03c1014"
},
{
"model": "ec156",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "utps-v200r003b015d02sp07c1014 (23.015.02.07.1014)"
},
{
"model": "ec156",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r003b015d02sp08c1014 (23.015.02.08.1014)"
},
{
"model": "ec176",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "utps-v200r003b015d02sp07c1014 (23.015.02.07.1014)"
},
{
"model": "ec176",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r003b015d02sp08c1014 (23.015.02.08.1014)"
},
{
"model": "ec177",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "utps-v200r003b015d02sp07c1014 (23.015.02.07.1014)"
},
{
"model": "ec177",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r003b015d02sp08c1014 (23.015.02.08.1014)"
},
{
"model": "du mobile broadband",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "16.002.03.16.124"
},
{
"model": "mobile partner",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "11.302.09.00.03"
},
{
"model": "technologies du mobile broadband",
"scope": "eq",
"trust": 0.1,
"vendor": "huawei",
"version": "16.002.03.16.124"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2013-5164"
},
{
"db": "CNVD",
"id": "CNVD-2014-00063"
},
{
"db": "CNVD",
"id": "CNVD-2014-07280"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008447"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1287"
},
{
"db": "NVD",
"id": "CVE-2014-8358"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:ec156_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ec176_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ec177_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-008447"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Osanda Malith",
"sources": [
{
"db": "BID",
"id": "70672"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1287"
}
],
"trust": 0.9
},
"cve": "CVE-2014-8358",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-8358",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2014-00063",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2014-07280",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-76303",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2014-8358",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8358",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-8358",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2014-00063",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2014-07280",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201410-1287",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "ZSL",
"id": "ZSL-2013-5164",
"trust": 0.1,
"value": "(2/5)"
},
{
"author": "VULHUB",
"id": "VHN-76303",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2013-5164"
},
{
"db": "CNVD",
"id": "CNVD-2014-00063"
},
{
"db": "CNVD",
"id": "CNVD-2014-07280"
},
{
"db": "VULHUB",
"id": "VHN-76303"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008447"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1287"
},
{
"db": "NVD",
"id": "CVE-2014-8358"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei EC156, EC176, and EC177 USB Modem products with software before UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) and before V200R003B015D02SP08C1014 (23.015.02.08.1014) use a weak ACL for the \"Mobile Partner\" directory, which allows remote attackers to gain SYSTEM privileges by compromising a low privilege account and modifying Mobile Partner.exe. Huawei EC156 , EC176 ,and EC177 USB Modem product software contains an unreliable search path vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. du Mobile Broadband is a wireless bandwidth device from China\u0027s Huawei. \nThere is a local elevation of privilege vulnerability in du Mobile broadband. A local attacker could use this vulnerability to execute arbitrary code with SYSTEM privileges. There are vulnerabilities in du Mobile broadband 16.002.03.16.124, other versions may also be affected. This may aid in further attacks. It lets you access du wireless internetwherever you are and whenever you need it, all powered throughyour mobile data SIM or simply by connecting your 3G USB stickto your device.The application is vulnerable to an elevation of privilegesvulnerability which can be used by a simple user that can changethe executable file with a binary of choice. The vulnerabilityexist due to the improper permissions, with the \u0027F\u0027 flag (full)for the \u0027Everyone\u0027 and \u0027Users\u0027 group, for the \u0027du Mobile Broadband.exe\u0027binary file. The files are installed in the \u0027du Mobile Broadband\u0027directory which has the Everyone group assigned to it with fullpermissions making every single file inside vulnerable to changeby any user on the affected machine. After you replace the binarywith your rootkit, on reboot you get SYSTEM privileges.Tested on: Microsoft Windows 7 Ultimate SP1 (EN) 64bit. Huawei EC156, EC176 and EC177 are wireless network card products of China Huawei (Huawei). The following versions are affected: Huawei EC156 UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) Version; EC176 UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) Version; EC177 UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) Version",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8358"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008447"
},
{
"db": "CNVD",
"id": "CNVD-2014-00063"
},
{
"db": "CNVD",
"id": "CNVD-2014-07280"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-576"
},
{
"db": "BID",
"id": "70672"
},
{
"db": "BID",
"id": "64523"
},
{
"db": "ZSL",
"id": "ZSL-2013-5164"
},
{
"db": "VULHUB",
"id": "VHN-76303"
}
],
"trust": 3.96
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.zeroscience.mk/codes/dumb_pe.txt",
"trust": 0.1,
"type": "poc"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-76303",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2013-5164"
},
{
"db": "VULHUB",
"id": "VHN-76303"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8358",
"trust": 2.8
},
{
"db": "BID",
"id": "70672",
"trust": 2.6
},
{
"db": "PACKETSTORM",
"id": "128767",
"trust": 1.7
},
{
"db": "BID",
"id": "64523",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008447",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1287",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-00063",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2014-07280",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201312-576",
"trust": 0.6
},
{
"db": "ZSL",
"id": "ZSL-2013-5164",
"trust": 0.4
},
{
"db": "EXPLOIT-DB",
"id": "30477",
"trust": 0.2
},
{
"db": "OSVDB",
"id": "90090",
"trust": 0.1
},
{
"db": "CXSECURITY",
"id": "WLB-2013120140",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124557",
"trust": 0.1
},
{
"db": "XF",
"id": "89907",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-83860",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-76303",
"trust": 0.1
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2013-5164"
},
{
"db": "CNVD",
"id": "CNVD-2014-00063"
},
{
"db": "CNVD",
"id": "CNVD-2014-07280"
},
{
"db": "VULHUB",
"id": "VHN-76303"
},
{
"db": "BID",
"id": "70672"
},
{
"db": "BID",
"id": "64523"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008447"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-576"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1287"
},
{
"db": "NVD",
"id": "CVE-2014-8358"
}
]
},
"id": "VAR-201712-0033",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-00063"
},
{
"db": "CNVD",
"id": "CNVD-2014-07280"
},
{
"db": "VULHUB",
"id": "VHN-76303"
}
],
"trust": 2.157142865
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-00063"
},
{
"db": "CNVD",
"id": "CNVD-2014-07280"
}
]
},
"last_update_date": "2025-04-20T23:30:49.981000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei-SA-20141022- DLLHijacking",
"trust": 0.8,
"url": "http://www.huawei.com/us/psirt/security-advisories/2014/hw-376152"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-008447"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-426",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76303"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008447"
},
{
"db": "NVD",
"id": "CVE-2014-8358"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/70672"
},
{
"trust": 1.7,
"url": "http://www.huawei.com/us/psirt/security-advisories/2014/hw-376152"
},
{
"trust": 1.7,
"url": "https://packetstormsecurity.com/files/128767/huawei-mobile-partner-dll-hijacking.html"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/64523"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8358"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8358"
},
{
"trust": 0.3,
"url": "http://huaweinews.com/2013/08/download-mobile-partner-latest/"
},
{
"trust": 0.3,
"url": "http://osandamalith.wordpress.com/2014/10/20/escalating-local-privileges-using-mobile-partner/"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-376152.htm"
},
{
"trust": 0.3,
"url": "http://www.du.ae/en/mobile/mobilebroadband"
},
{
"trust": 0.3,
"url": "http://www.zeroscience.mk/en/vulnerabilities/zsl-2013-5164.php"
},
{
"trust": 0.1,
"url": "http://cxsecurity.com/issue/wlb-2013120140"
},
{
"trust": 0.1,
"url": "http://packetstormsecurity.com/files/124557"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/xforce/xfdb/89907"
},
{
"trust": 0.1,
"url": "http://www.exploit-db.com/exploits/30477/"
},
{
"trust": 0.1,
"url": "http://www.vfocus.net/art/20131225/11294.html"
},
{
"trust": 0.1,
"url": "http://osvdb.org/show/osvdb/90090"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2013-5164"
},
{
"db": "CNVD",
"id": "CNVD-2014-00063"
},
{
"db": "CNVD",
"id": "CNVD-2014-07280"
},
{
"db": "VULHUB",
"id": "VHN-76303"
},
{
"db": "BID",
"id": "70672"
},
{
"db": "BID",
"id": "64523"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008447"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-576"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1287"
},
{
"db": "NVD",
"id": "CVE-2014-8358"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZSL",
"id": "ZSL-2013-5164"
},
{
"db": "CNVD",
"id": "CNVD-2014-00063"
},
{
"db": "CNVD",
"id": "CNVD-2014-07280"
},
{
"db": "VULHUB",
"id": "VHN-76303"
},
{
"db": "BID",
"id": "70672"
},
{
"db": "BID",
"id": "64523"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008447"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-576"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1287"
},
{
"db": "NVD",
"id": "CVE-2014-8358"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-19T00:00:00",
"db": "ZSL",
"id": "ZSL-2013-5164"
},
{
"date": "2014-01-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-00063"
},
{
"date": "2014-10-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-07280"
},
{
"date": "2017-12-11T00:00:00",
"db": "VULHUB",
"id": "VHN-76303"
},
{
"date": "2014-10-20T00:00:00",
"db": "BID",
"id": "70672"
},
{
"date": "2013-12-19T00:00:00",
"db": "BID",
"id": "64523"
},
{
"date": "2018-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008447"
},
{
"date": "2013-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-576"
},
{
"date": "2014-10-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201410-1287"
},
{
"date": "2017-12-11T21:29:00.237000",
"db": "NVD",
"id": "CVE-2014-8358"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-01-05T00:00:00",
"db": "ZSL",
"id": "ZSL-2013-5164"
},
{
"date": "2014-01-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-00063"
},
{
"date": "2014-10-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-07280"
},
{
"date": "2017-12-29T00:00:00",
"db": "VULHUB",
"id": "VHN-76303"
},
{
"date": "2015-03-19T09:15:00",
"db": "BID",
"id": "70672"
},
{
"date": "2013-12-19T00:00:00",
"db": "BID",
"id": "64523"
},
{
"date": "2018-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008447"
},
{
"date": "2013-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-576"
},
{
"date": "2017-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201410-1287"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2014-8358"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "70672"
},
{
"db": "BID",
"id": "64523"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-576"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Unreliable search path vulnerability in modem product software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-008447"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201312-576"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1287"
}
],
"trust": 1.2
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…