Vulnerability Description
There is an improper authentication vulnerability in Hero-CT060 before 1.0.0.200. The vulnerability is due to that when an user wants to do certain operation, the software does not insufficiently validate the user's identity. Successful exploit could allow the attacker to do certain operations which the user are supposed not to do.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Hero-Ct060 Firmware | < 1.0.0.200 |
| Huawei | Hero-Ct060 | - |
Related Weaknesses (CWE)
References
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210929-01-auth-eVendor Advisory
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210929-01-auth-eVendor Advisory
FAQ
What is CVE-2021-37123?
CVE-2021-37123 is a vulnerability with a CVSS score of 9.8 (CRITICAL). There is an improper authentication vulnerability in Hero-CT060 before 1.0.0.200. The vulnerability is due to that when an user wants to do certain operation, the software does not insufficiently vali...
How severe is CVE-2021-37123?
CVE-2021-37123 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-37123?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Hero-Ct060 Firmware, Huawei Hero-Ct060.