Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3236 before E3276sTCPU-V200R002B470D13SP00C00 and E3276sWebUI-V100R007B100D03SP01C03 and E3276 before E3236sTCPU-V200R002B146D41SP00C00 and E3236sWebUI-V100R007B100D03SP01C03 allow remote attackers to hijack the authentication of administrators for requests that (1) change configuration settings or (2) use device functions.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | E3236 Firmware | e3236s-2tcpu-22.146.29.00.00 |
| Huawei | E3276 Firmware | e3276s-150tcpu-22.265.03.00.00 |
Related Weaknesses (CWE)
References
- http://osvdb.org/show/osvdb/109885
- http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95198
- http://osvdb.org/show/osvdb/109885
- http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95198
FAQ
What is CVE-2014-8331?
CVE-2014-8331 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3236 before E3276sTCPU-V200R002B470D13SP00C00 and E3276sWebUI-V100R007B100D03SP01C03 and E3276 before E3236sTCPU-V200R002B1...
How severe is CVE-2014-8331?
CVE-2014-8331 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-8331?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei E3236 Firmware, Huawei E3276 Firmware.