CVE-2017-17309

Sažetak

Huawei HG255s-10 V100R001C163B025SP02 has a path traversal vulnerability due to insufficient validation of the received HTTP requests, a remote attacker may access the local files on the device without authentication.

Reference

http://packetstormsecurity.com/files/155954/Huawei-HG255-Directory-Traversal.html
http://www.huawei.com/en/psirt/security-notices/2017/huawei-sn-20170911-01-hg255s-en

CVSS

Base:	7.8
Impact:	6.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:N/A:N

Zadnje važnije ažuriranje

15-01-2020 - 19:15

Objavljeno

14-06-2018 - 14:29