CVE-2017-8176
HIGHHuawei IPTV STB < V100R003C01LMYTa6SPC001 - Authentication Bypass via Serial Interface
Title source: llmDescription
Huawei IPTV STB with earlier than IPTV STB V100R003C01LMYTa6SPC001 versions has an authentication bypass vulnerability. An attacker could exploit this vulnerability to access the serial interface and modify the configuration. Successful exploit could lead to the authentication bypass and view channels by free.
References (2)
Core 2
Core References
Various Sources x_refsource_confirm
http://support.huawei.com/carrier/navi?coltype=software?lang=en#col=software&detailId=PBI1-22570793&path=PBI1-21262245/PBI1-22317450/PBI1-22317491/PBI1-19974608/PBI1-14715&lang=en%3B
Third Party Advisory x_refsource_misc
http://security.my/post/165370836947/cve-2017-8176
Scores
CVSS v3
7.5
EPSS
0.0018
EPSS Percentile
38.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
Status
published
Products (1)
huawei/iptv_stb_firmware
< v100r003c01lmyta6spc001
Published
Mar 20, 2018
Tracked Since
Feb 18, 2026