CVE-2013-6031
18Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 6.1%
from disclosure to weapon0 days
Published on NVDMar 11
metasploitNov 11
exploitation probability
6.1%top 7% of all CVEs
observed exploitation
nono source reports it
The Huawei E355 adapter with firmware 21.157.37.01.910 does not require authentication for API pages, which allows remote attackers to change passwords and settings, or obtain sensitive information, via a direct request to (1) api/wlan/security-settings, (2) api/device/information, (3) api/wlan/basic-settings, (4) api/wlan/mac-filter, (5) api/monitoring/status, or (6) api/dhcp/settings.
Affected products
n/a · n/a