Overview
- Description
- Huawei IPTV STB with earlier than IPTV STB V100R003C01LMYTa6SPC001 versions has an authentication bypass vulnerability. An attacker could exploit this vulnerability to access the serial interface and modify the configuration. Successful exploit could lead to the authentication bypass and view channels by free.
- Source
- psirt@huawei.com
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:iptv_stb_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5235F6C-40BC-40FD-947C-16B0ECA74D39",
"versionEndExcluding": "v100r003c01lmyta6spc001"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:iptv_stb:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AC278E31-C7CA-40C9-A6C9-64112505993F"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]