CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-49599: Huawei EG8141A5 devices through V5R019C00S100, EG8145V5 devices through V5R019C00S100, and EG8145V5-V2 devices through V5R021C00S184 allow the...

4.1 CVSS

Description

Huawei EG8141A5 devices through V5R019C00S100, EG8145V5 devices through V5R019C00S100, and EG8145V5-V2 devices through V5R021C00S184 allow the Epuser account to disable ONT firewall functionality, e.g., to remove the default blocking of the SSH and TELNET TCP ports, aka HWNO-56Q3.

Classification

CVE ID: CVE-2025-49599

CVSS Base Severity: MEDIUM

CVSS Base Score: 4.1

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Problem Types

CWE-863 Incorrect Authorization

Affected Products

Vendor: Huawei

Product: EG8141A5, EG8145V5, EG8145V5-V2

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.01% (probability of being exploited)

EPSS Percentile: 0.81% (scored less or equal to compared to others)

EPSS Date: 2025-06-27 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-49599
https://www.youtube.com/watch?v=l1eYpcNvZdQ

Timeline

2025-06-06 17:40:18 UTC
CVE

Huawei EG8141A5 devices through V5R019C00S100, EG8145V5 devices through V5R019C00S100, and EG8145V5-V2 devices through V5R021C00S184 allow the...