CVE-2014-0337

Huawei Echo Life HG8247 <V100R006C00SPC127 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in the web interface on Huawei Echo Life HG8247 routers with software before V100R006C00SPC127 allows remote attackers to inject arbitrary web script or HTML via an invalid TELNET connection attempt with a crafted username that is not properly handled during construction of the "failed log-in attempts over telnet" log view.

References (1)

[US Government Resource] http://www.kb.cert.org/vuls/id/917700

Scores

EPSS 0.0033

EPSS Percentile 55.5%

Details

CWE

CWE-79

Status published

Products (3)

huawei/echo_life_hg8247_firmware

huawei/echo_life

n/a/n/a

Published Apr 05, 2014

Tracked Since Feb 18, 2026