Huawei E587 3G Mobile Hotspot, version 11.203.27, is prone to two vulnerabilities in WebUI; an XSS and a command injection. The combination of both allows an attacker (with a little help from the victim) to remotely execute code on the device with root privileges, by sending a specifically …| fred's notes
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [CVE-2013-2612] Huawei E587 3G Mobile Hotspot Command Injection ________________________________________________________________________ Summary: Huawei E587 3G Mobile Hotspot, version 11.203.27, is prone to a command injection vulnerability in the Web UI. Successful exploitation allows unauthenticated attackers to execute arbitrary commands with root privileges. ________________________________________________________________________ Details …| fred's notes