Huawei Router - Authentication Bypass

What is the "Huawei Router - Authentication Bypass?"

The "Huawei Router - Authentication Bypass" module is designed to detect a vulnerability in Huawei routers that allows for authentication bypass. This vulnerability is classified as critical and has a CVSS score of 10.0, indicating its severity. The module was authored by gy741.

Impact

If exploited, this vulnerability allows an attacker to bypass authentication on Huawei routers. The default password for these routers is the last 8 characters of the device's serial number, which can be easily obtained. This unauthorized access can lead to unauthorized configuration changes, data breaches, and potential compromise of the entire network.

How the module works?

The module works by sending an HTTP request to the router's API endpoint "/api/system/deviceinfo" and then matching the response against specific conditions. The request template is as follows:

GET /api/system/deviceinfo HTTP/1.1
Host: <Hostname>
Accept: application/json, text/javascript, */*; q=0.01
Referer: 

The module's matching conditions include:

- The response status must be 200. - The response body must contain the words "DeviceName", "SerialNumber", and "HardwareVersion".

If all the matching conditions are met, the module reports a vulnerability, indicating that the router is susceptible to authentication bypass.