HIGH
www.huawei.com
CVE published 2026-05-13
CVE-2020-37220
CVE-2020-37220 describes an authentication bypass vulnerability in the Huawei HG630 V2 router. The device exposes the /api/system/deviceinfo endpoint without requiring authentication, allowing unauthenticated attackers to retrieve the device serial number. The last 8 characters of this serial number serve as the default administrative password, enabling complete administrative access to the router. This v [truncated]