{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T16:29:30.666","vulnerabilities":[{"cve":{"id":"CVE-2021-40041","sourceIdentifier":"psirt@huawei.com","published":"2022-01-10T14:10:23.123","lastModified":"2024-11-21T06:23:26.723","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"There is a Cross-Site Scripting(XSS) vulnerability in HUAWEI WS318n product when processing network settings. Due to insufficient validation of user input, a local authenticated attacker could exploit this vulnerability by injecting special characters. Successful exploit could cause certain information disclosure. Affected product versions include: WS318n-21 10.0.2.2, 10.0.2.5 and 10.0.2.6."},{"lang":"es","value":"Se presenta una vulnerabilidad de tipo Cross-Site Scripting(XSS) en el producto HUAWEI WS318n cuando son procesados los ajustes de red. Debido a una comprobación de entrada insuficiente del usuario, un atacante local autenticado podría explotar esta vulnerabilidad al inyectar caracteres especiales. Una explotación con éxito podría causar determinada divulgación de información. Las versiones del producto afectadas son: WS318n-21 10.0.2.2, 10.0.2.5 y 10.0.2.6"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.1,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:N/I:P/A:N","baseScore":1.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.4,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:ws318n-21_firmware:10.0.2.2:*:*:*:*:*:*:*","matchCriteriaId":"951E297A-36DB-4EA5-B011-CB2E7AE5E671"},{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:ws318n-21_firmware:10.0.2.5:*:*:*:*:*:*:*","matchCriteriaId":"E475C051-DE1A-4E4E-B0BB-AB900078B1CB"},{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:ws318n-21_firmware:10.0.2.6:*:*:*:*:*:*:*","matchCriteriaId":"0273D8BE-11C2-4CEC-A799-C2A4D9970472"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:ws318n-21:-:*:*:*:*:*:*:*","matchCriteriaId":"96114840-BAF9-476B-AE8D-27DCB0977CDB"}]}]}],"references":[{"url":"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211229-01-xss-en","source":"psirt@huawei.com","tags":["Vendor Advisory"]},{"url":"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211229-01-xss-en","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}