Product:

Nip6800_firmware

(Huawei)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 52
Date Id Summary Products Score Patch Annotated
2020-02-28 CVE-2020-1874 NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. The software system access an invalid pointer when operator logs in to the device and performs some operations. Successful exploit could cause certain process reboot. Nip6800_firmware, Secospace_usg6600_firmware, Usg9500_firmware N/A
2020-02-17 CVE-2020-1858 Huawei products NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; Secospace USG6600 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100; and USG9500 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have a denial of service vulnerability. Attackers need to perform a series of operations in a special scenario to exploit this vulnerability. Successful exploit may cause the new connections can't be established, result in a denial of service. Nip6800_firmware, Secospace_usg6600_firmware, Usg9500_firmware N/A
2020-02-18 CVE-2020-1830 Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a vulnerability that a memory management error exists when IPSec Module handing a specific message. This causes 1 byte out-of-bound read, compromising normal service. Nip6800_firmware, Secospace_usg6600_firmware, Usg9500_firmware N/A
2020-02-17 CVE-2020-1829 Huawei NIP6800 versions V500R001C30 and V500R001C60SPC500; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, and V500R001C60SPC500 have a vulnerability that the IPSec module handles a message improperly. Attackers can send specific message to cause double free memory. This may compromise normal service. Nip6800_firmware, Secospace_usg6600_firmware, Usg9500_firmware N/A
2020-02-17 CVE-2020-1827 Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. An attacker can exploit this vulnerability by sending specific request packets to affected devices. Successful exploit may lead to information leakage. Nip6800_firmware, Secospace_usg6600_firmware, Usg9500_firmware N/A
2019-12-13 CVE-2019-5257 Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace) have a resource management vulnerability. An attacker who logs in to the board may send crafted messages from the internal network. Ap2000_firmware, Espace_u1981_firmware, Ips_firmware, Ngfw_firmware, Nip6300_firmware, Nip6600_firmware, Nip6800_firmware, S5700_firmware, Secospace_antiddos8000_firmware, Secospace_usg6300_firmware, Secospace_usg6500_firmware, Secospace_usg6600_firmware, Semg9811_firmware, Svn5600_firmware, Svn5800\-C_firmware, Svn5800_firmware, Usg6000v_firmware N/A
2019-12-13 CVE-2019-5258 Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit... Ap2000_firmware, Espace_u1981_firmware, Ips_firmware, Ngfw_firmware, Nip6300_firmware, Nip6600_firmware, Nip6800_firmware, S5700_firmware, Secospace_antiddos8000_firmware, Secospace_usg6300_firmware, Secospace_usg6500_firmware, Secospace_usg6600_firmware, Semg9811_firmware, Svn5600_firmware, Svn5800\-C_firmware, Svn5800_firmware, Usg6000v_firmware N/A
2019-12-13 CVE-2019-5256 Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability. The system dereferences a pointer that it expects to be valid, but is NULL. A local attacker could exploit this vulnerability by sending crafted parameters. A successful exploit could cause a denial of service and the process reboot. Ap2000_firmware, Espace_u1981_firmware, Ips_firmware, Ngfw_firmware, Nip6300_firmware, Nip6600_firmware, Nip6800_firmware, S5700_firmware, Secospace_antiddos8000_firmware, Secospace_usg6300_firmware, Secospace_usg6500_firmware, Secospace_usg6600_firmware, Semg9811_firmware, Svn5600_firmware, Svn5800\-C_firmware, Svn5800_firmware, Usg6000v_firmware N/A
2019-12-13 CVE-2019-5255 Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a DoS vulnerability. An attacker may send crafted messages from a FTP client to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the system out-of-bounds read and result in a denial of service condition of the... Ap2000_firmware, Espace_u1981_firmware, Ips_firmware, Ngfw_firmware, Nip6300_firmware, Nip6600_firmware, Nip6800_firmware, S5700_firmware, Secospace_antiddos8000_firmware, Secospace_usg6300_firmware, Secospace_usg6500_firmware, Secospace_usg6600_firmware, Semg9811_firmware, Svn5600_firmware, Svn5800\-C_firmware, Svn5800_firmware, Usg6000v_firmware N/A
2019-12-13 CVE-2019-5254 Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful... Ap2000_firmware, Espace_u1981_firmware, Ips_firmware, Ngfw_firmware, Nip6300_firmware, Nip6600_firmware, Nip6800_firmware, S5700_firmware, Secospace_antiddos8000_firmware, Secospace_usg6300_firmware, Secospace_usg6500_firmware, Secospace_usg6600_firmware, Semg9811_firmware, Svn5600_firmware, Svn5800\-C_firmware, Svn5800_firmware, Usg6000v_firmware N/A