Description
Huawei Mobile WiFi E5151 routers with software before E5151s-2TCPU-V200R001B146D27SP00C00 and E5186 routers with software before V200R001B310D01SP00C00 allow DNS query packets using the static source port, which makes it easier for remote attackers to spoof responses via unspecified vectors.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/82246
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
https://www.kb.cert.org/vuls/id/972224
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160129-01-dns-en
Scores
CVSS v3
7.5
EPSS
0.0036
EPSS Percentile
58.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-20
Status
published
Products (2)
huawei/e5151_firmware
< e5151s-2tcpu-v200r001b141d13sp00c1080
huawei/e5186_firmware
< v200r001b306d01c00
Published
Feb 01, 2016
Tracked Since
Feb 18, 2026