{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T21:09:11.202","vulnerabilities":[{"cve":{"id":"CVE-2020-9241","sourceIdentifier":"psirt@huawei.com","published":"2020-08-17T16:15:14.107","lastModified":"2024-11-21T05:40:14.180","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Huawei 5G Mobile WiFi E6878-370 with versions of 10.0.3.1(H563SP1C00),10.0.3.1(H563SP21C233) have an improper authorization vulnerability. The device does not restrict certain data received from WAN port. Successful exploit could allow an attacker at WAN side to manage certain service of the device."},{"lang":"es","value":"Huawei 5G Mobile WiFi E6878-370 con versiones de 10.0.3.1(H563SP1C00), 10.0.3.1(H563SP21C233), presentan una vulnerabilidad de autorización inapropiada.  El dispositivo no restringe determinados datos recibidos de un puerto WAN. Una explotación con éxito podría permitir a un atacante en el lado de la WAN administrar determinado servicio del dispositivo."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":4.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\(h563sp1c00\\):*:*:*:*:*:*:*","matchCriteriaId":"E527F624-8AAE-47FB-A19A-0A75BA43BFB8"},{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\(h563sp21c233\\):*:*:*:*:*:*:*","matchCriteriaId":"7793D7FE-F4FE-4BEB-8B4F-F07759A06E9F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:e6878-370:-:*:*:*:*:*:*:*","matchCriteriaId":"ADA263F9-F9F5-4249-A55A-748689F0271E"}]}]}],"references":[{"url":"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200812-01-auth-en","source":"psirt@huawei.com","tags":["Vendor Advisory"]},{"url":"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200812-01-auth-en","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}