CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-17309

Huawei HG255s-10 V100R001C163B025SP02 has a path traversal vulnerability due to insufficient validation of the received HTTP requests, a remote attacker may access the local files on the device without authentication.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.097

EPSS Ranking 92.6%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 7.8

References

http://packetstormsecurity.com/files/155954/Huawei-HG255-Directory-Traversal.html
http://www.huawei.com/en/psirt/security-notices/2017/huawei-sn-20170911-01-hg255s-en
http://packetstormsecurity.com/files/155954/Huawei-HG255-Directory-Traversal.html
http://www.huawei.com/en/psirt/security-notices/2017/huawei-sn-20170911-01-hg255s-en

Products affected by CVE-2017-17309

Huawei » Hg255s-10 » Version: N/A

cpe:2.3:h:huawei:hg255s-10:-
Huawei » Hg255s-10 Firmware » Version: v100r001c163b025sp02

cpe:2.3:o:huawei:hg255s-10_firmware:v100r001c163b025sp02

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-17309

Products

Pricing

Contact Us