CVE-2023-52718 — MEDIUM (6.4)

Vulnerability Description

A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-34408) This vulnerability has been assigned a (CVE)ID:CVE-2023-52718

CVSS Score

6.4

MEDIUM

CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Huawei	Pt9030-15 Firmware	3.0.3.266
Huawei	Pt9030-15	-
Huawei	Ws7206-10 Firmware	11.0.5.19
Huawei	Ws7206-10	-
Huawei	Ws7290-15 Firmware	3.0.3.266
Huawei	Ws7290-15	-
Huawei	Ws8000-10 Firmware	3.0.3.236
Huawei	Ws8000-10	-
Huawei	Ws8001-10 Firmware	3.0.3.242
Huawei	Ws8001-10	-
Huawei	Ws8002-10 Firmware	3.0.3.242
Huawei	Ws8002-10	-
Huawei	Ws8500-10 Firmware	3.0.3.235
Huawei	Ws8500-10	-
Huawei	Ws8502-10 Firmware	3.0.3.242
Huawei	Ws8502-10	-
Huawei	Ws8700-10 Firmware	3.0.3.251
Huawei	Ws8700-10	-

Related Weaknesses (CWE)

CWE-420

References

https://www.huawei.com/br/psirt/security-advisories/2024/huawei-sa-chvishhr-d50dVendor Advisory

FAQ

What is CVE-2023-52718?

CVE-2023-52718 is a vulnerability with a CVSS score of 6.4 (MEDIUM). A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-34408) This ...

How severe is CVE-2023-52718?

CVE-2023-52718 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-52718?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Pt9030-15 Firmware, Huawei Pt9030-15, Huawei Ws7206-10 Firmware, Huawei Ws7206-10, Huawei Ws7290-15 Firmware.