CVE-2014-5327 - Buffer overflow in the Webserver component on the Huawei E5332 router before 21.344.27.00.1080 allow

CVE-2014-5327

Summary

Buffer overflow in the Webserver component on the Huawei E5332 router before 21.344.27.00.1080 allows remote authenticated users to cause a denial of service (reboot) via a long URI.

References

http://jvn.jp/en/jp/JVN58417930/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000120
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-373056.htm

Vulnerable Configurations

cpe:2.3:o:huawei:e5332_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:huawei:e5332_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:e5332:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:e5332:-:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 15-10-2014 - 14:33)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:S/C:N/I:N/A:C

refmap via4

confirm	http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-373056.htm
jvn	JVN#58417930
jvndb	JVNDB-2014-000120

Last major update

15-10-2014 - 14:33

Published

12-10-2014 - 01:55

Last modified

15-10-2014 - 14:33