CVSS: 6.7EPSS: 0%CPEs: 94EXPL: 0CVE-2019-5300
https://notcve.org/view.php?id=CVE-2019-5300
There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device. Existe una vulnerabilidad de omisión de verificación de firma digital en los routers Huawei AR1200, AR1200-S, AR150, AR160, AR20000, AR2200-S, AR3200, SRG1300, SRG2300 y SRG3300. La vulnerabilidad se debe a que el software afectado verifica incorrectamente las firmas digitales de la imagen del software en el dispositivo afectado. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en • CWE-347: Improper Verification of Cryptographic Signature •