Vulnerability Note VU#341526
Huawei E355 contains a direct request vulnerability
Original Release date: 06 Mar 2014 | Last revised: 06 Mar 2014

Overview
The Huawei E355 USB WiFi adapter with firmware version 21.157.37.01.910 has been reported to contain a direct request vulnerability in the web interface. (CWE-425)

Description
The Huawei E355 USB WiFi adapter with firmware version 21.157.37.01.910 has been reported to contain a direct request vulnerability in the web interface. An attacker is able to directly access specific URLs of the device’s web interface to gather sensitive configuration information and also change the configuration without authenticating to the device.
The reporter, Jimson K James, has written a Metasploit module to exploit the vulnerability.
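
The weakness class described above (CWE-425), shown as an added example that is not from this advisory, the reporter's module or Huawei's firmware: a constructed Python model of a web interface whose handlers rely on the UI flow for authentication, next to a default-deny dispatcher and a regression check for it. All paths, handlers, the session token and the configuration values are hypothetical.

```python
# Constructed model of CWE-425 (direct request). Paths, handlers and values
# are hypothetical and are not taken from the E355 firmware.
from typing import Callable, Dict, List, Set, Tuple

Response = Tuple[int, str]
Handler = Callable[[dict], Response]

SESSIONS: Set[str] = {"tok-constructed-1"}   # constructed session store
CONFIG = {"ssid": "lab-ap"}                  # constructed device setting

def login_page(req: dict) -> Response:
    return 200, "login form"

def read_config(req: dict) -> Response:
    return 200, CONFIG["ssid"]

def write_config(req: dict) -> Response:
    CONFIG["ssid"] = req.get("body", CONFIG["ssid"])
    return 200, "saved"

ROUTES: Dict[str, Handler] = {
    "/login": login_page,
    "/api/config/read": read_config,
    "/api/config/write": write_config,
}
PUBLIC: Set[str] = {"/login"}  # explicit allowlist of unauthenticated paths

def dispatch_weak(req: dict) -> Response:
    """Flawed: only the UI steers users through /login; handlers never
    check the session, so a direct request reaches them."""
    handler = ROUTES.get(req["path"])
    return handler(req) if handler else (404, "not found")

def dispatch_hardened(req: dict) -> Response:
    """Default deny: the session is checked centrally, before routing, so a
    new handler cannot be exposed by forgetting a per-handler check."""
    if req["path"] not in PUBLIC and req.get("session") not in SESSIONS:
        return 401, "authentication required"
    handler = ROUTES.get(req["path"])
    return handler(req) if handler else (404, "not found")

def audit_unauthenticated(dispatch: Callable[[dict], Response]) -> List[str]:
    """Regression check: non-public routes that answer 200 with no session."""
    return sorted(p for p in ROUTES
                  if p not in PUBLIC and dispatch({"path": p})[0] == 200)
```

Running `audit_unauthenticated` against each dispatcher in a test suite flags any configuration endpoint that answers without a session.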

Impact
A remote unauthenticated attacker on an adjacent network may be able to change the administrator’s password and reconfigure the device.

Solution
We are currently unaware of a practical solution to this problem.

Vendor Information

Vendor | Status | Date Notified | Date Updated
Huawei Technologies | Affected | 12 Nov 2013 | 06 Mar 2014

If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group | Score | Vector
Base | 4.3 | AV:A/AC:M/Au:N/C:P/I:P/A:N
Temporal | 3.3 | E:U/RL:ND/RC:UC
Environmental | 0.8 | CDP:N/TD:L/CR:ND/IR:ND/AR:ND

References

https://github.com/aczire/huawei-csrf-info_disclosure/blob/master/huawei_wifi_info.rb
http://consumer.huawei.com/en/mobile-broadband/wingle/features/e355-en.htm
http://cwe.mitre.org/data/definitions/425.html

Credit

Thanks to Jimson K James for reporting this vulnerability.
This document was written by Jared Allar.

Other Information

CVE IDs: CVE-2013-6031
Date Public: 06 Mar 2014
Date First Published: 06 Mar 2014
Date Last Updated: 06 Mar 2014
Document Revision: 14

Feedback
If you have feedback, comments, or additional information about this vulnerability, please send us email.
