CVE-2015-6592
MEDIUMHuawei UAP2105 < V300R012C00SPC160 - Unauthenticated Serial Port and VxWorks Shell Access
Title source: llmDescription
Huawei UAP2105 before V300R012C00SPC160(BootRom) does not require authentication to the serial port or the VxWorks shell.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-452865.htm
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/76552
Scores
CVSS v3
6.8
EPSS
0.0010
EPSS Percentile
27.5%
Attack Vector
PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-254
Status
published
Products (4)
huawei/uap2105_firmware
v300r011c0spc100
huawei/uap2105_firmware
v300r011c01b028
huawei/uap2105_firmware
v300r011c01b030
huawei/uap2105_firmware
v300r011c01spc110
Published
Sep 25, 2017
Tracked Since
Feb 18, 2026