CVE-2023-7266

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-7266
Some Huawei home routers have a connection hijacking vulnerability. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-76605) This vulnerability has been assigned a (CVE)ID:CVE-2023-7266

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-chvishhr-d616b19e-en Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:tc7001-10_firmware:2.0.0.336\(sp6c300\):*:*:*:*:*:*:*
cpe:2.3:h:huawei:tc7001-10:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:ws7200-10_firmware:3.0.3.215:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws7200-10:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:huawei:ws7206-10_firmware:4.0.0.16\(v3r2\):*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws7206-10:-:*:*:*:*:*:*:*
History

13 Jan 2025, 20:48

Type Values Removed Values Added
Summary
  • (es) Algunos routeres domésticos de Huawei tienen una vulnerabilidad de secuestro de conexión. La explotación exitosa de esta vulnerabilidad puede causar ataques de denegación de servicio (DoS) o fuga de información. (ID de vulnerabilidad: HWPSIRT-2023-76605) A esta vulnerabilidad se le ha asignado un ID de vulnerabilidad de seguridad (CVE): CVE-2023-7266
CPE cpe:2.3:h:huawei:ws7206-10:-:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ws7200-10_firmware:3.0.3.215:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ws7200-10:-:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ws7206-10_firmware:4.0.0.16\(v3r2\):*:*:*:*:*:*:*
cpe:2.3:o:huawei:tc7001-10_firmware:2.0.0.336\(sp6c300\):*:*:*:*:*:*:*
cpe:2.3:h:huawei:tc7001-10:-:*:*:*:*:*:*:*
First Time Huawei
Huawei ws7206-10 Firmware
Huawei ws7206-10
Huawei tc7001-10 Firmware
Huawei ws7200-10 Firmware
Huawei ws7200-10
Huawei tc7001-10
CWE NVD-CWE-noinfo
References () https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-chvishhr-d616b19e-en - () https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-chvishhr-d616b19e-en - Vendor Advisory

28 Dec 2024, 07:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-12-28 07:15

Updated : 2025-01-13 20:48

NVD link : CVE-2023-7266

Mitre link : CVE-2023-7266

CVE.ORG link : CVE-2023-7266

JSON object : View

Products Affected

huawei

  • ws7206-10
  • ws7200-10
  • ws7200-10_firmware
  • tc7001-10_firmware
  • ws7206-10_firmware
  • tc7001-10
CWE
CWE-420

Unprotected Alternate Channel

NVD-CWE-noinfo