Medium severity6.8NVD Advisory· Published Nov 22, 2017· Updated May 13, 2026

CVE-2017-8156

Description

The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on the serial port. An attacker can access the serial port on the circuit board of the outdoor unit and log in to the CPE without authentication. Successful exploit could allow the attacker to take control over the outdoor unit.

Affected products

Huawei/B2338 168 Firmware
cpe:2.3:o:huawei:b2338-168_firmware:v100r001c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd./B2338-168v5
Range: V100R001C00

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170920-01-cpe-ennvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.442
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000