CVE-2022-41579
MEDIUM WAF: Low
CVSS 6.5
Published: 2022-12-28
CWE-287 CWE-287
There is an insufficient authentication vulnerability in some Huawei band products. Successful exploit could allow the attacker to spoof then connect to the band.
WAF Coverage Analysis
Improper Authentication
Low WAF Coverage
OWASP: A07:2021 Identification and Authentication Failures
Improper Authentication
Low WAF Coverage
OWASP: A07:2021 Identification and Authentication Failures
Affected Software
| Vendor | Product | Version |
|---|---|---|
| huawei | hota-fara-b19_firmware | 11.1.2.40 |
References
- www.huawei.com (Vendor Advisory)