Huawei UAP2105 prior V300R012C00SPC160 VxWorks Shell 7pk security

A vulnerability has been found in Huawei UAP2105 and classified as critical. Affected by this vulnerability is some unknown functionality of the component VxWorks Shell. Upgrading to version V300R012C00SPC160 eliminates this vulnerability.

Field	09/26/2017 09:02 AM	11/19/2019 01:32 PM	01/14/2021 12:10 PM
vendor	Huawei	Huawei	Huawei
name	UAP2105	UAP2105	UAP2105
component	VxWorks Shell	VxWorks Shell	VxWorks Shell
cwe	254 (privilege escalation)	254 (privilege escalation)	254 (privilege escalation)
risk	1	1	1
historic	0	0	0
cvss2_vuldb_basescore	6.9	6.9	6.9
cvss2_vuldb_tempscore	6.0	6.0	6.0
cvss2_vuldb_av	L	L	L
cvss2_vuldb_ac	M	M	M
cvss2_vuldb_au	N	N	N
cvss2_vuldb_ci	C	C	C
cvss2_vuldb_ii	C	C	C
cvss2_vuldb_ai	C	C	C
cvss2_nvd_av	L	L	L
cvss2_nvd_ac	L	L	L
cvss2_nvd_au	N	N	N
cvss2_nvd_ci	C	C	C
cvss2_nvd_ii	C	C	C
cvss2_nvd_ai	C	C	C
cvss3_meta_basescore	7.6	7.6	7.6
cvss3_meta_tempscore	7.3	7.3	7.3
cvss3_vuldb_basescore	8.4	8.4	8.4
cvss3_vuldb_tempscore	8.0	8.0	8.0
cvss3_vuldb_av	L	L	L
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	N	N	N
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	H	H	H
cvss3_vuldb_i	H	H	H
cvss3_vuldb_a	H	H	H
cvss3_nvd_av	P	P	P
cvss3_nvd_ac	L	L	L
cvss3_nvd_pr	N	N	N
cvss3_nvd_ui	N	N	N
cvss3_nvd_s	U	U	U
cvss3_nvd_c	H	H	H
cvss3_nvd_i	H	H	H
cvss3_nvd_a	H	H	H
date	1506297600 (09/25/2017)	1506297600 (09/25/2017)	1506297600 (09/25/2017)
url	http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-452865.htm	http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-452865.htm	http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-452865.htm
price_0day	$5k-$25k	$5k-$25k	$5k-$25k
name	Upgrade	Upgrade	Upgrade
upgrade_version	V300R012C00SPC160	V300R012C00SPC160	V300R012C00SPC160
cve	CVE-2015-6592	CVE-2015-6592	CVE-2015-6592
cve_assigned	1440115200	1440115200	1440115200
cve_nvd_published	1506297600	1506297600	1506297600
cve_nvd_summary	Huawei UAP2105 before V300R012C00SPC160(BootRom) does not require authentication to the serial port or the VxWorks shell.	Huawei UAP2105 before V300R012C00SPC160(BootRom) does not require authentication to the serial port or the VxWorks shell.	Huawei UAP2105 before V300R012C00SPC160(BootRom) does not require authentication to the serial port or the VxWorks shell.
securityfocus	76552	76552	76552
securityfocus_date	1441152000 (09/02/2015)	1441152000 (09/02/2015)	1441152000 (09/02/2015)
securityfocus_class	Input Validation Error	Input Validation Error	Input Validation Error
securityfocus_title	Huawei UAP2105 'VxWorks shell' Local Command Injection Vulnerability	Huawei UAP2105 'VxWorks shell' Local Command Injection Vulnerability	Huawei UAP2105 'VxWorks shell' Local Command Injection Vulnerability
location	Website	Website	Website
cvss2_vuldb_e	ND	ND	ND
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_rc	ND	ND	ND
cvss3_vuldb_e	X	X	X
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	X	X	X
0day_days	754	754	754
cvss3_nvd_basescore	6.8	6.8	6.8
discoverydate		1441152000	1441152000
person_nickname		Alex	Alex
confirm_url		http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-452865.htm	http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-452865.htm
person_name			Alexey Osipov/Alexander Zaitsev
cvss2_nvd_basescore			7.2

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!