CVE-2018-7937
N/A
N/A
Summary
In Huawei HiRouter-CD20-10 with the versions before 1.9.6 and WS5200-10 with the versions before 1.9.6, there is a plug-in signature bypass vulnerability due to insufficient plug-in verification. An attacker may tamper with a legitimate plug-in to build a malicious plug-in and trick users into installing it. Successful exploit could allow the attacker to obtain the root permission of the device and take full control over the device.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Huawei Technologies Co., Ltd. | HiRouter-CD20, WS5200-10 | The versions before HiRouter-CD20-10 1.9.6, The versions before WS5200-10 1.9.6 | affected |
Weaknesses
- plug-in signature bypass
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.