Security Notice-Allegro RomPager Information Disclosure Vulnerability in Huawei Access Routers
- Initial Release Date: Mar 24, 2014
- Last Release Date: Jul 02, 2014
Huawei has noticed information disclosure vulnerability on the RomPager embedded web server, which is developed by Allegro. The vulnerability affects Huawei HG520c, MT880, and MT886 access routers. After investigation, we find out that these products have reached End of Service (EOS) and Huawei does not provide updates for them. Therefore, it is recommended that customers replace them with new models of Huawei access routers.
Series products which are vulnerable and have reached EOS:
HG510a/ HG510u/ HG520/ HG520b/ HG520c/ HG520i/ HG520s/ HG520u/ HG530u/ MT800u/ MT880/ MT880u/ MT882/ MT882a/ MT882u/ MT883/ MT886.
Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism. Please report to Huawei PSIRT at psirt@huawei.com if you find any security vulnerability of Huawei products.
2014-07-02 V1.2 UPDATED add EOS products list
2014-05-30 V1.1 UPDATED update investigation status information
2014-03-24 V1.0 INITIAL
Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism. Please report to Huawei PSIRT at psirt@huawei.com if you find any security vulnerability of Huawei products.
