Huawei E303 contains a cross-site request forgery vulnerability

A warning has been released by the Homeland Security computer emergency response team. The built-in web interface of the Huawei E303 devices are vulnerable to a CSRF attack.

The broadband wireless modems Huawei E303 contain a web interface for administrators and additional services.

The web interface which is made for the E303 allows users to send and receive SMS messages using the provided and connected cellular network.