CVE-2016-6158
MEDIUMHuawei WS331a - CSRF
Title source: llmDescription
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei WS331a routers with software before WS331a-10 V100R001C01B112 allow remote attackers to hijack the authentication of administrators for requests that (1) restore factory settings or (2) reboot the device via unspecified vectors.
Scores
CVSS v3
6.1
EPSS
0.0016
EPSS Percentile
36.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:H
Classification
CWE
CWE-352
Status
published
Affected Products (2)
huawei/ws331a_router_firmware
n/a/n/a
Timeline
Published
Sep 21, 2016
Tracked Since
Feb 18, 2026