CVE-2023-52718

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-52718
A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-34408) This vulnerability has been assigned a (CVE)ID:CVE-2023-52718

6.4 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.5 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.huawei.com/br/psirt/security-advisories/2024/huawei-sa-chvishhr-d50dedde-en Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:pt9030-15_firmware:3.0.3.266:*:*:*:*:*:*:*
cpe:2.3:h:huawei:pt9030-15:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:ws7206-10_firmware:11.0.5.19:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws7206-10:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:huawei:ws7206-10_firmware:2.1.0.203:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws7206-10:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:huawei:ws7290-15_firmware:3.0.3.266:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws7290-15:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:huawei:ws8000-10_firmware:3.0.3.236:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8000-10:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:huawei:ws8001-10_firmware:3.0.3.242:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8001-10:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:huawei:ws8002-10_firmware:3.0.3.242:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8002-10:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:huawei:ws8500-10_firmware:3.0.3.235:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8500-10:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:huawei:ws8502-10_firmware:3.0.3.242:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8502-10:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:huawei:ws8700-10_firmware:3.0.3.251:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8700-10:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2024-12-28 08:15

Updated : 2025-01-13 20:50

NVD link : CVE-2023-52718

Mitre link : CVE-2023-52718

CVE.ORG link : CVE-2023-52718

JSON object : View

Products Affected

huawei

  • ws8500-10_firmware
  • ws8002-10_firmware
  • pt9030-15_firmware
  • pt9030-15
  • ws8000-10_firmware
  • ws8001-10
  • ws8500-10
  • ws8502-10_firmware
  • ws8700-10_firmware
  • ws7290-15_firmware
  • ws8000-10
  • ws7206-10_firmware
  • ws8002-10
  • ws8502-10
  • ws8001-10_firmware
  • ws8700-10
  • ws7206-10
  • ws7290-15
CWE
CWE-420

Unprotected Alternate Channel

NVD-CWE-noinfo