Description
There is an improper authentication vulnerability in some Huawei AP products before version V200R009C00SPC800. Due to the improper implementation of authentication for the serial port, an attacker could exploit this vulnerability by connecting to the affected products and running a series of commands.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190327-01-ap-en
Scores
CVSS v3
6.8
EPSS
0.0003
EPSS Percentile
8.9%
Attack Vector
PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-287
Status
published
Products (1)
huawei/ap4050dn-e_firmware
< v200r009c00
Published
Jun 04, 2019
Tracked Since
Feb 18, 2026