CVE-2013-6031
Last modified
CVE-2013-6031 is a vulnerability of currently unknown severity. The Huawei E355 adapter with firmware 21.157.37.01.910 does not require authentication for API pages, which allows remote attackers to change passwords and settings, or obtain sensitive information, via a direct request to (1) api/wlan/security-settings, (2) api/device/information, (3) api/wlan/basic-settings, (4) api/wlan/mac-filter, (5) api/monitoring/status, or (6) api/dhcp/settings.. EPSS estimates a 6.08% chance of exploitation in the next 30 days.
Description
The Huawei E355 adapter with firmware 21.157.37.01.910 does not require authentication for API pages, which allows remote attackers to change passwords and settings, or obtain sensitive information, via a direct request to (1) api/wlan/security-settings, (2) api/device/information, (3) api/wlan/basic-settings, (4) api/wlan/mac-filter, (5) api/monitoring/status, or (6) api/dhcp/settings.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Huawei | E355 Firmware | 21.157.37.01.910 |
| Huawei | E355 | All versions |
References
- http://www.kb.cert.org/vuls/id/341526US Government Resource
- http://www.kb.cert.org/vuls/id/341526US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-6031?
How severe is CVE-2013-6031?
How do I fix CVE-2013-6031?
Are you affected by CVE-2013-6031?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST