Huawei E355 Firmware vulnerabilities
2 known vulnerabilities affecting huawei/e355_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2013-6031P3MEDIUMCVSS 4.3PoCv21.157.37.01.9102014-03-11
CVE-2013-6031 [MEDIUM] CWE-287 CVE-2013-6031: The Huawei E355 adapter with firmware 21.157.37.01.910 does not require authentication for API pages
The Huawei E355 adapter with firmware 21.157.37.01.910 does not require authentication for API pages, which allows remote attackers to change passwords and settings, or obtain sensitive information, via a direct request to (1) api/wlan/security-settings, (2) api/device/information, (3) api/wlan/basic-settings, (4) api/wlan/mac-filter, (5) api/monitori
nvd
CVE-2014-2968P4MEDIUMCVSS 4.3v21.157.37.01.9102014-07-24
CVE-2014-2968 [MEDIUM] CWE-79 CVE-2014-2968: Cross-site scripting (XSS) vulnerability in the web interface on the Huawei E355 CH1E355SM modem wit
Cross-site scripting (XSS) vulnerability in the web interface on the Huawei E355 CH1E355SM modem with software 21.157.37.01.910 and Web UI 11.001.08.00.03 allows remote attackers to inject arbitrary web script or HTML via an SMS message.
nvd