CVE-2023-52718

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-52718
A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-34408) This vulnerability has been assigned a (CVE)ID:CVE-2023-52718

6.4 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.5 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.huawei.com/br/psirt/security-advisories/2024/huawei-sa-chvishhr-d50dedde-en Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:pt9030-15_firmware:3.0.3.266:*:*:*:*:*:*:*
cpe:2.3:h:huawei:pt9030-15:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:ws7206-10_firmware:11.0.5.19:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws7206-10:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:huawei:ws7206-10_firmware:2.1.0.203:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws7206-10:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:huawei:ws7290-15_firmware:3.0.3.266:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws7290-15:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:huawei:ws8000-10_firmware:3.0.3.236:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8000-10:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:huawei:ws8001-10_firmware:3.0.3.242:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8001-10:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:huawei:ws8002-10_firmware:3.0.3.242:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8002-10:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:huawei:ws8500-10_firmware:3.0.3.235:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8500-10:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:huawei:ws8502-10_firmware:3.0.3.242:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8502-10:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:huawei:ws8700-10_firmware:3.0.3.251:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8700-10:-:*:*:*:*:*:*:*
History

13 Jan 2025, 20:50

Type Values Removed Values Added
References () https://www.huawei.com/br/psirt/security-advisories/2024/huawei-sa-chvishhr-d50dedde-en - () https://www.huawei.com/br/psirt/security-advisories/2024/huawei-sa-chvishhr-d50dedde-en - Vendor Advisory
CWE NVD-CWE-noinfo
Summary
  • (es) Existe una vulnerabilidad de secuestro de conexión en algunos routeres domésticos de Huawei. La explotación exitosa de esta vulnerabilidad puede causar ataques de denegación de servicio (DoS) o fuga de información. (ID de vulnerabilidad: HWPSIRT-2023-34408) A esta vulnerabilidad se le ha asignado un ID de vulnerabilidad de seguridad (CVE): CVE-2023-52718
First Time Huawei ws8502-10
Huawei ws8502-10 Firmware
Huawei ws8000-10 Firmware
Huawei ws8001-10
Huawei ws7206-10
Huawei ws8001-10 Firmware
Huawei ws7290-15 Firmware
Huawei ws8000-10
Huawei ws8700-10
Huawei ws8500-10 Firmware
Huawei ws8002-10 Firmware
Huawei ws8700-10 Firmware
Huawei ws7290-15
Huawei pt9030-15 Firmware
Huawei ws7206-10 Firmware
Huawei pt9030-15
Huawei ws8500-10
Huawei
Huawei ws8002-10
CPE cpe:2.3:o:huawei:ws7206-10_firmware:11.0.5.19:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ws8000-10_firmware:3.0.3.236:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8000-10:-:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ws7206-10_firmware:2.1.0.203:*:*:*:*:*:*:*
cpe:2.3:o:huawei:pt9030-15_firmware:3.0.3.266:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ws7290-15_firmware:3.0.3.266:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws7206-10:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8700-10:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8001-10:-:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ws8700-10_firmware:3.0.3.251:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8500-10:-:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ws8001-10_firmware:3.0.3.242:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ws8002-10_firmware:3.0.3.242:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ws8502-10_firmware:3.0.3.242:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8002-10:-:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ws8500-10_firmware:3.0.3.235:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws8502-10:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws7290-15:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:pt9030-15:-:*:*:*:*:*:*:*

28 Dec 2024, 08:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-12-28 08:15

Updated : 2025-01-13 20:50

NVD link : CVE-2023-52718

Mitre link : CVE-2023-52718

CVE.ORG link : CVE-2023-52718

JSON object : View

Products Affected

huawei

  • ws7206-10
  • pt9030-15_firmware
  • ws7290-15_firmware
  • ws8000-10_firmware
  • ws8000-10
  • ws8001-10_firmware
  • ws7290-15
  • ws8500-10
  • ws8700-10
  • pt9030-15
  • ws8500-10_firmware
  • ws8700-10_firmware
  • ws8002-10_firmware
  • ws7206-10_firmware
  • ws8001-10
  • ws8502-10_firmware
  • ws8002-10
  • ws8502-10
CWE
CWE-420

Unprotected Alternate Channel

NVD-CWE-noinfo