CVE-2025-49599
4.1
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
Summary
Huawei EG8141A5 devices through V5R019C00S100, EG8145V5 devices through V5R019C00S100, and EG8145V5-V2 devices through V5R021C00S184 allow the Epuser account to disable ONT firewall functionality, e.g., to remove the default blocking of the SSH and TELNET TCP ports, aka HWNO-56Q3.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Huawei | EG8141A5 | 0 <= V5R019C00S100 | affected |
| Huawei | EG8145V5 | 0 <= V5R019C00S100 | affected |
| Huawei | EG8145V5-V2 | 0 <= V5R021C00S184 | affected |
Weaknesses
- CWE-863: CWE-863 Incorrect Authorization
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: partial
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.