CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-40041

There is a Cross-Site Scripting(XSS) vulnerability in HUAWEI WS318n product when processing network settings. Due to insufficient validation of user input, a local authenticated attacker could exploit this vulnerability by injecting special characters. Successful exploit could cause certain information disclosure. Affected product versions include: WS318n-21 10.0.2.2, 10.0.2.5 and 10.0.2.6.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.6%

CVSS Severity

CVSS v3 Score 4.2

CVSS v2 Score 1.9

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211229-01-xss-en
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211229-01-xss-en

Products affected by CVE-2021-40041

Huawei » Ws318n-21 » Version: N/A

cpe:2.3:h:huawei:ws318n-21:-
Huawei » Ws318n-21 Firmware » Version: 10.0.2.2

cpe:2.3:o:huawei:ws318n-21_firmware:10.0.2.2
Huawei » Ws318n-21 Firmware » Version: 10.0.2.5

cpe:2.3:o:huawei:ws318n-21_firmware:10.0.2.5
Huawei » Ws318n-21 Firmware » Version: 10.0.2.6

cpe:2.3:o:huawei:ws318n-21_firmware:10.0.2.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-40041

Products

Pricing

Contact Us