All the vulnerabilites related to Huawei - HG8045Q
cve-2021-37028
Vulnerability from cvelistv5
Published
2021-08-13 15:52
Modified
2024-08-04 01:09
Severity ?
EPSS score ?
Summary
There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of commands.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.huawei.com/carrier/navi?coltype=software#col=software&from=product&detailId=PBI1-252279599&path=PBI1-252301455/PBI1-252303293/PBI1-23709862/PBI1-22318696/PBI1-21457383 | x_refsource_MISC | |
| http://jvn.jp/en/jp/JVN41646618/index.html | third-party-advisory, x_refsource_JVN |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| n/a | EchoLife HG8045Q |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.huawei.com/carrier/navi?coltype=software#col=software\u0026from=product\u0026detailId=PBI1-252279599\u0026path=PBI1-252301455/PBI1-252303293/PBI1-23709862/PBI1-22318696/PBI1-21457383"
},
{
"name": "JVN#41646618",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN41646618/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EchoLife HG8045Q",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V300R016C00,V300R018C10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "command injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-17T04:06:23",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.huawei.com/carrier/navi?coltype=software#col=software\u0026from=product\u0026detailId=PBI1-252279599\u0026path=PBI1-252301455/PBI1-252303293/PBI1-23709862/PBI1-22318696/PBI1-21457383"
},
{
"name": "JVN#41646618",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN41646618/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37028",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EchoLife HG8045Q",
"version": {
"version_data": [
{
"version_value": "V300R016C00,V300R018C10"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "command injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.huawei.com/carrier/navi?coltype=software#col=software\u0026from=product\u0026detailId=PBI1-252279599\u0026path=PBI1-252301455/PBI1-252303293/PBI1-23709862/PBI1-22318696/PBI1-21457383",
"refsource": "MISC",
"url": "https://support.huawei.com/carrier/navi?coltype=software#col=software\u0026from=product\u0026detailId=PBI1-252279599\u0026path=PBI1-252301455/PBI1-252303293/PBI1-23709862/PBI1-22318696/PBI1-21457383"
},
{
"name": "JVN#41646618",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN41646618/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37028",
"datePublished": "2021-08-13T15:52:38",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-7900
Vulnerability from cvelistv5
Published
2019-01-02 16:00
Modified
2024-08-05 06:37
Severity ?
EPSS score ?
Summary
There is an information leak vulnerability in some Huawei HG products. An attacker may obtain information about the HG device by exploiting this vulnerability.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Huawei Technologies Co., Ltd. | some HG products |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:37:59.608Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.newskysecurity.com/information-disclosure-vulnerability-cve-2018-7900-makes-it-easy-for-attackers-to-find-huawei-3e7039b6f44f"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20181219-01-hg-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "some HG products",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "customized versions"
}
]
}
],
"datePublic": "2018-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "There is an information leak vulnerability in some Huawei HG products. An attacker may obtain information about the HG device by exploiting this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-03T21:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.newskysecurity.com/information-disclosure-vulnerability-cve-2018-7900-makes-it-easy-for-attackers-to-find-huawei-3e7039b6f44f"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20181219-01-hg-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2018-7900",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "some HG products",
"version": {
"version_data": [
{
"version_value": "customized versions"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an information leak vulnerability in some Huawei HG products. An attacker may obtain information about the HG device by exploiting this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.newskysecurity.com/information-disclosure-vulnerability-cve-2018-7900-makes-it-easy-for-attackers-to-find-huawei-3e7039b6f44f",
"refsource": "MISC",
"url": "https://blog.newskysecurity.com/information-disclosure-vulnerability-cve-2018-7900-makes-it-easy-for-attackers-to-find-huawei-3e7039b6f44f"
},
{
"name": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20181219-01-hg-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20181219-01-hg-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2018-7900",
"datePublished": "2019-01-02T16:00:00",
"dateReserved": "2018-03-09T00:00:00",
"dateUpdated": "2024-08-05T06:37:59.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
jvndb-2021-000077
Vulnerability from jvndb
Published
2021-08-17 14:24
Modified
2021-08-17 14:24
Severity ?
Summary
Huawei EchoLife HG8045Q vulnerable to OS command injection
Details
EchoLife HT8045Q provided by Huawei is an ONT (Optical Network Terminal) device.
It is equipped with the command line interface for network operators' maintenance purpose, which is disabled by default.
When the command line interface is enabled, operators can interact with a certain restricted set of commands.
The command-line interface fails to process properly a certain crafted inputs, which enables some BusyBox-implemented commands executed (CWE-78).
References
| ▼ | Type | URL |
|---|---|---|
| JVN | https://jvn.jp/en/jp/JVN41646618/index.html | |
| CVE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37028 | |
| NVD | https://nvd.nist.gov/vuln/detail/CVE-2021-37028 | |
| OS Command Injection(CWE-78) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-000077.html",
"dc:date": "2021-08-17T14:24+09:00",
"dcterms:issued": "2021-08-17T14:24+09:00",
"dcterms:modified": "2021-08-17T14:24+09:00",
"description": "EchoLife HT8045Q provided by Huawei is an ONT (Optical Network Terminal) device.\r\nIt is equipped with the command line interface for network operators\u0027 maintenance purpose, which is disabled by default.\r\nWhen the command line interface is enabled, operators can interact with a certain restricted set of commands.\r\nThe command-line interface fails to process properly a certain crafted inputs, which enables some BusyBox-implemented commands executed (CWE-78).",
"link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-000077.html",
"sec:cpe": {
"#text": "cpe:/a:huawei:hg8045q",
"@product": "HG8045Q",
"@vendor": "Huawei",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "7.7",
"@severity": "High",
"@type": "Base",
"@vector": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"@version": "2.0"
},
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2021-000077",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN41646618/index.html",
"@id": "JVN#41646618",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37028",
"@id": "CVE-2021-37028",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-37028",
"@id": "CVE-2021-37028",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-78",
"@title": "OS Command Injection(CWE-78)"
}
],
"title": "Huawei EchoLife HG8045Q vulnerable to OS command injection"
}
var-201901-1329
Vulnerability from variot
There is an information leak vulnerability in some Huawei HG products. An attacker may obtain information about the HG device by exploiting this vulnerability. HuaweiHG is a gateway device of China's Huawei company
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201901-1329",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hg8040h",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "hg8010h",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "hg8045q",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "hg8242h",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "hg8110h",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "hg8240h",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "hg8010h",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "hg8040h",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "hg8045g",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "hg8110h",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "hg8240h",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "hg8242h",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "hg none",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04438"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014437"
},
{
"db": "NVD",
"id": "CVE-2018-7900"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:hg8010h_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:hg8040h_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:hg8045q_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:hg8110h_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:hg8240h_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:hg8242h_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014437"
}
]
},
"cve": "CVE-2018-7900",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2018-7900",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2019-04438",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-137932",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-7900",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-7900",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-7900",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-04438",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-822",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-137932",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-7900",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04438"
},
{
"db": "VULHUB",
"id": "VHN-137932"
},
{
"db": "VULMON",
"id": "CVE-2018-7900"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014437"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-822"
},
{
"db": "NVD",
"id": "CVE-2018-7900"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There is an information leak vulnerability in some Huawei HG products. An attacker may obtain information about the HG device by exploiting this vulnerability. HuaweiHG is a gateway device of China\u0027s Huawei company",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7900"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014437"
},
{
"db": "CNVD",
"id": "CNVD-2019-04438"
},
{
"db": "VULHUB",
"id": "VHN-137932"
},
{
"db": "VULMON",
"id": "CVE-2018-7900"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-7900",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014437",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-822",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-04438",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-137932",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-7900",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04438"
},
{
"db": "VULHUB",
"id": "VHN-137932"
},
{
"db": "VULMON",
"id": "CVE-2018-7900"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014437"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-822"
},
{
"db": "NVD",
"id": "CVE-2018-7900"
}
]
},
"id": "VAR-201901-1329",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04438"
},
{
"db": "VULHUB",
"id": "VHN-137932"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04438"
}
]
},
"last_update_date": "2024-08-14T14:56:59.015000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sn-20181219-01-hg",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-notices/huawei-sn-20181219-01-hg-en"
},
{
"title": "Huawei HG Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89498"
},
{
"title": "Huawei Security Advisories: Security Notice - Statement on Information Leak Vulnerability in Huawei HG Product",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=abf85a8efa9686f174e6f8372a1d2f0e"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/huawei-router-default-credential/140234/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-7900"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014437"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-822"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137932"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014437"
},
{
"db": "NVD",
"id": "CVE-2018-7900"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.3,
"url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20181219-01-hg-en"
},
{
"trust": 1.2,
"url": "https://www.huawei.com/cn/psirt/security-notices/huawei-sn-20181219-01-hg-cn"
},
{
"trust": 1.2,
"url": "https://blog.newskysecurity.com/information-disclosure-vulnerability-cve-2018-7900-makes-it-easy-for-attackers-to-find-huawei-3e7039b6f44f"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7900"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7900"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/huawei-router-default-credential/140234/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04438"
},
{
"db": "VULHUB",
"id": "VHN-137932"
},
{
"db": "VULMON",
"id": "CVE-2018-7900"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014437"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-822"
},
{
"db": "NVD",
"id": "CVE-2018-7900"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-04438"
},
{
"db": "VULHUB",
"id": "VHN-137932"
},
{
"db": "VULMON",
"id": "CVE-2018-7900"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014437"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-822"
},
{
"db": "NVD",
"id": "CVE-2018-7900"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04438"
},
{
"date": "2019-01-02T00:00:00",
"db": "VULHUB",
"id": "VHN-137932"
},
{
"date": "2019-01-02T00:00:00",
"db": "VULMON",
"id": "CVE-2018-7900"
},
{
"date": "2019-03-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014437"
},
{
"date": "2018-12-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-822"
},
{
"date": "2019-01-02T16:29:00.217000",
"db": "NVD",
"id": "CVE-2018-7900"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-04438"
},
{
"date": "2019-02-11T00:00:00",
"db": "VULHUB",
"id": "VHN-137932"
},
{
"date": "2019-02-11T00:00:00",
"db": "VULMON",
"id": "CVE-2018-7900"
},
{
"date": "2019-03-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014437"
},
{
"date": "2019-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-822"
},
{
"date": "2019-02-11T18:34:17.870000",
"db": "NVD",
"id": "CVE-2018-7900"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei HG Information Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-04438"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-822"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-822"
}
],
"trust": 0.6
}
}