CVE-2023-7266

Summary

Some Huawei home routers have a connection hijacking vulnerability. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-76605) This vulnerability has been assigned a (CVE)ID:CVE-2023-7266

Affected Software

VendorProductVersion RangeStatus
HuaweiTC7001-102.0.0.336(SP6C300)affected
HuaweiWS7200-10WS7200-10-OTA 3.0.3.215-fullpackage(auto_1)affected
HuaweiWS7206-10WS7206-10-OTA 4.0.0.16(V3R2)-fullpackage(auto)affected

Weaknesses

  • CWE-420: CWE-420 Unprotected Alternate Channel

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References