CVE-2018-7933 - Vulnerability Details - OpenCVE

Huawei home gateway products HiRouter-CD20 and WS5200 with the versions before HiRouter-CD20-10 1.9.6 and the versions before WS5200-10 1.9.6 have a path traversal vulnerability. Due to the lack of validation while these home gateway products install APK plugins, an attacker tricks a user into installing a malicious APK plugin, and plugin can overwrite arbitrary file of devices. Successful exploit may result in arbitrary code execution or privilege escalation.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Huawei	Hirouter-cd20 Hirouter-cd20 Firmware Ws5200 Ws5200 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:huawei:hirouter-cd20_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:hirouter-cd20:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:huawei:ws5200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:ws5200:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-gateway-en

History

No history.

MITRE

Status: PUBLISHED

Assigner: huawei

Published: 2018-05-10T14:00:00

Updated: 2024-08-05T06:37:59.671Z

Reserved: 2018-03-09T00:00:00

Link: CVE-2018-7933

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-05-10T14:29:00.627

Modified: 2024-11-21T04:12:58.907

Link: CVE-2018-7933

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "HiRouter-CD20, WS5200", "vendor": "Huawei Technologies Co., Ltd.", "versions": [{"status": "affected", "version": "HiRouter-CD20 The versions before HiRouter-CD20-10 1.9.6, WS5200 The versions before WS5200-10 1.9.6"}]}], "datePublic": "2018-05-02T00:00:00", "descriptions": [{"lang": "en", "value": "Huawei home gateway products HiRouter-CD20 and WS5200 with the versions before HiRouter-CD20-10 1.9.6 and the versions before WS5200-10 1.9.6 have a path traversal vulnerability. Due to the lack of validation while these home gateway products install APK plugins, an attacker tricks a user into installing a malicious APK plugin, and plugin can overwrite arbitrary file of devices. Successful exploit may result in arbitrary code execution or privilege escalation."}], "problemTypes": [{"descriptions": [{"description": "path traversal", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-05-10T13:57:01", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-gateway-en"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "ID": "CVE-2018-7933", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "HiRouter-CD20, WS5200", "version": {"version_data": [{"version_value": "HiRouter-CD20 The versions before HiRouter-CD20-10 1.9.6, WS5200 The versions before WS5200-10 1.9.6"}]}}]}, "vendor_name": "Huawei Technologies Co., Ltd."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Huawei home gateway products HiRouter-CD20 and WS5200 with the versions before HiRouter-CD20-10 1.9.6 and the versions before WS5200-10 1.9.6 have a path traversal vulnerability. Due to the lack of validation while these home gateway products install APK plugins, an attacker tricks a user into installing a malicious APK plugin, and plugin can overwrite arbitrary file of devices. Successful exploit may result in arbitrary code execution or privilege escalation."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "path traversal"}]}]}, "references": {"reference_data": [{"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-gateway-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-gateway-en"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T06:37:59.671Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-gateway-en"}]}]}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2018-7933", "datePublished": "2018-05-10T14:00:00", "dateReserved": "2018-03-09T00:00:00", "dateUpdated": "2024-08-05T06:37:59.671Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:hirouter-cd20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C72501C9-7569-46DC-945E-3A7771A95894", "versionEndExcluding": "hirouter-cd20-10_1.9.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:hirouter-cd20:-:*:*:*:*:*:*:*", "matchCriteriaId": "B530F879-75BB-4919-AAE9-622F8E492495", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ws5200_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "09BFCD64-D03D-4ED8-B754-CD84091C449C", "versionEndExcluding": "ws5200-10_1.9.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ws5200:-:*:*:*:*:*:*:*", "matchCriteriaId": "766559DD-90F8-46C1-B8A5-7EB2DE1FE50B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Huawei home gateway products HiRouter-CD20 and WS5200 with the versions before HiRouter-CD20-10 1.9.6 and the versions before WS5200-10 1.9.6 have a path traversal vulnerability. Due to the lack of validation while these home gateway products install APK plugins, an attacker tricks a user into installing a malicious APK plugin, and plugin can overwrite arbitrary file of devices. Successful exploit may result in arbitrary code execution or privilege escalation."}, {"lang": "es", "value": "Los productos dom\u00e9sticos de gateway Huawei HiRouter-CD20 y WS5200 con versiones anteriores a la HiRouter-CD20-10 1.9.6 y anteriores a la WS5200-10 1.9.6 tienen una vulnerabilidad de salto de directorio. Debido a la falta de validaci\u00f3n mientras estos productos dom\u00e9sticos de gateway instalan plugins APK, un atacante enga\u00f1a a un usuario para que instale un plugin APK malicioso que puede sobrescribir archivos arbitrarios de los dispositivos. La explotaci\u00f3n exitosa puede resultar en la ejecuci\u00f3n de c\u00f3digo arbitrario o el escalado de privilegios."}], "id": "CVE-2018-7933", "lastModified": "2024-11-21T04:12:58.907", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-05-10T14:29:00.627", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-gateway-en"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-gateway-en"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}