High severity7.5NVD Advisory· Published Apr 2, 2017· Updated May 13, 2026

CVE-2014-9690

Description

Huawei home gateways WS318 with software V100R001C01B022 and earlier versions are affected by the PIN offline brute force cracking vulnerability of the WPS protocol because the random number generator (RNG) used in the supplier's solution is not random enough. As a result, brute force cracking the PIN code is easier. After an attacker cracks the PIN, the attacker can access the Internet via the cracked device.

Affected products

Huawei/Ws318 Firmware
cpe:2.3:o:huawei:ws318_firmware:*:*:*:*:*:*:*:*
Range: <=v100r001c01b022

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.huawei.com/en/psirt/security-advisories/hw-408091nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000