- Description
- Huawei IPTV STB with earlier than IPTV STB V100R003C01LMYTa6SPC001 versions has an authentication bypass vulnerability. An attacker could exploit this vulnerability to access the serial interface and modify the configuration. Successful exploit could lead to the authentication bypass and view channels by free.
- Source
- psirt@huawei.com
- NVD status
- Modified
CVSS 3.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:iptv_stb_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5235F6C-40BC-40FD-947C-16B0ECA74D39",
"versionEndExcluding": "v100r003c01lmyta6spc001"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:iptv_stb:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AC278E31-C7CA-40C9-A6C9-64112505993F"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]