E355
Monthly
Cross-site scripting (XSS) vulnerability in the web interface on the Huawei E355 CH1E355SM modem with software 21.157.37.01.910 and Web UI 11.001.08.00.03 allows remote attackers to inject arbitrary. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
The Huawei E355 adapter with firmware 21.157.37.01.910 does not require authentication for API pages, which allows remote attackers to change passwords and settings, or obtain sensitive information,. Rated medium severity (CVSS 4.3). Public exploit code available and no vendor patch available.
Cross-site scripting (XSS) vulnerability in the web interface on the Huawei E355 CH1E355SM modem with software 21.157.37.01.910 and Web UI 11.001.08.00.03 allows remote attackers to inject arbitrary. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
The Huawei E355 adapter with firmware 21.157.37.01.910 does not require authentication for API pages, which allows remote attackers to change passwords and settings, or obtain sensitive information,. Rated medium severity (CVSS 4.3). Public exploit code available and no vendor patch available.