CVE-2014-8331
Last modified
CVE-2014-8331 is a vulnerability of currently unknown severity. Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3236 before E3276sTCPU-V200R002B470D13SP00C00 and E3276sWebUI-V100R007B100D03SP01C03 and E3276 before E3236sTCPU-V200R002B146D41SP00C00 and E3236sWebUI-V100R007B100D03SP01C03 allow remote attackers to hijack the authentication of administrators for requests that (1) change configuration settings or (2) use device functions.. EPSS estimates a 0.46% chance of exploitation in the next 30 days.
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3236 before E3276sTCPU-V200R002B470D13SP00C00 and E3276sWebUI-V100R007B100D03SP01C03 and E3276 before E3236sTCPU-V200R002B146D41SP00C00 and E3236sWebUI-V100R007B100D03SP01C03 allow remote attackers to hijack the authentication of administrators for requests that (1) change configuration settings or (2) use device functions.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Huawei | E3236 Firmware | e3236s-2tcpu-22.146.29.00.00 |
| Huawei | E3236 Firmware | webui-13.100.10.00.03 |
| Huawei | E3276 Firmware | e3276s-150tcpu-22.265.03.00.00 |
| Huawei | E3276 Firmware | webui-13.100.09.00.03 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2014-8331?
How severe is CVE-2014-8331?
How do I fix CVE-2014-8331?
Are you affected by CVE-2014-8331?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST