CVE-2018-7935

MEDIUM

Huawei E5573Cs-322 Firmware 21.328.01.00.00 - Denial of Service

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-7935. PoCs published by zux0x3a.

AI-analyzed exploit summary This PoC demonstrates a Denial of Service (DoS) vulnerability in Huawei E5573Cs-322 routers by repeatedly sending requests to the `/api/net/plmn-list` endpoint with a valid SessionID. The exploit requires a valid session cookie to function.

Description

There is a vulnerability in 21.328.01.00.00 version of the E5573Cs-322. Remote attackers could exploit this vulnerability to make the network where the E5573Cs-322 is running temporarily unavailable.

Exploits (1)

nomisec WORKING POC 2 stars

by zux0x3a · poc

https://github.com/zux0x3a/CVE-2018-7935

View Code ZIP pw:eip

This PoC demonstrates a Denial of Service (DoS) vulnerability in Huawei E5573Cs-322 routers by repeatedly sending requests to the `/api/net/plmn-list` endpoint with a valid SessionID. The exploit requires a valid session cookie to function.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Huawei E5573Cs-322 router

Auth required

Prerequisites: Valid SessionID cookie from the target router

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory

https://www.huawei.com/en/psirt/security-notices/huawei-sn-20230210-01-dos-en

Scores

CVSS v3 5.3

EPSS 0.0109

EPSS Percentile 61.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-20

Status published

Products (1)

huawei/e5573cs-322_firmware 21.328.01.00.00

Published Feb 10, 2023

Tracked Since Feb 18, 2026