This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy (update in May 2018) >

Security Notice-Allegro RomPager Information Disclosure Vulnerability in Huawei Access Routers

  • Initial Release Date: Mar 24, 2014
  • Last Release Date: Jul 02, 2014

Huawei has noticed information disclosure vulnerability on the RomPager embedded web server, which is developed by Allegro. The vulnerability affects Huawei HG520c, MT880, and MT886 access routers. After investigation, we find out that these products have reached End of Service (EOS) and Huawei does not provide updates for them. Therefore, it is recommended that customers replace them with new models of Huawei access routers.

 

Series products which are vulnerable and have reached EOS:

HG510a/ HG510u/ HG520/ HG520b/ HG520c/ HG520i/ HG520s/ HG520u/ HG530u/ MT800u/ MT880/ MT880u/ MT882/ MT882a/ MT882u/ MT883/ MT886.

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism. Please report to Huawei PSIRT at psirt@huawei.com if you find any security vulnerability of Huawei products.

2014-07-02 V1.2 UPDATED add EOS products list

2014-05-30 V1.1 UPDATED update investigation status information

2014-03-24 V1.0 INITIAL

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism. Please report to Huawei PSIRT at psirt@huawei.com if you find any security vulnerability of Huawei products.