Author : dn5 Blog : http://dn5.ljuska.org Date : 28.04.2014. E-mail : firstname.lastname@example.org Twitter : @dn5__
Vulnerability No. #1
Huawei uniportal located under sub-domain http://uniportal.huawei.com/uniportal/ have open-redirect vulnerability in which application takes a parameter and redirects a user to the parameter value without any validation. This vulnerability can lead to medium-to-high risk phishing attacks. This vulnerability can lead to other bugs too. Vulnerability is reported to Huawei and is properly fixed.
To recreate this vulnerability login with your username & password @ huawei official login. Make sure to "Remember password", otherwise exploit is not always successful because of Huawei session. Now, everytime you visit this link you will be redirected to
http://example.com.You can change redirect parameter to coresponding website you want to redirect to. This vulnerability works out-of-box on whole /www/ scope. Be sure to check video at the end of proper PoC.
Check if parameter redirect have value of unknown host and make sure to properly sanitize input of the parameter.