NewsSecurity Vulnerabilities

Connection Hijacking Vulnerability in Huawei Home Routers (CVE-2023-52718)

CVE number = CVE-2023-52718

A connection hijacking vulnerability exists in some Huawei home routers.

Successful exploitation of this vulnerability may cause DoS or information leakage.

This vulnerability can be exploited only when the following conditions are present:

The attacker accesses the same LAN as the victim device and obtains information about the victim device and the network.

Affected ProductAffected VersionRepair Version
PT9030-15PT9030-15 3.0.3.266PT9030-15 3.0.3.270
WS7206-10WS7206-10 11.0.5.19WS7206-10 3.0.3.207
WS7206-10WS7206-10 2.1.0.203WS7206-10 2.1.0.205
WS7290-15WS7290-15 3.0.3.266WS7290-15 3.0.3.270
WS8000-10WS8000-16 3.0.3.236WS8000-10 3.0.3.239
WS8001-10WS8001-10 3.0.3.242WS8001-10 4.0.0.11(V3R2)
WS8002-10WS8002-10 3.0.3.242WS8002-10 4.0.0.11(V3R2)
WS8500-10WS8500-16 3.0.3.235WS8500-10 3.0.3.239
WS8502-10WS8502-10 3.0.3.242WS8503-10 4.0.0.11(V3R2)
WS8700-10WS8700-10 3.0.3.251WS8700-10 3.0.3.255

Technical details:

Some Huawei home routers have a connection hijacking vulnerability. An attacker on the same LAN as the victim device can exploit this vulnerability through the TCP connection sequence number and response number. Successful exploitation of this vulnerability may cause DoS or information leakage on the victim device.

The product that supports automatic update will receive a system update prompt. You can install the update to fix the vulnerability.

Jason Davies

I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.