2021-01-13
|
CVE-2020-9209
|
There is a privilege escalation vulnerability in SMC2.0 product. Some files in a directory of a module are located improperly. It does not apply the directory limitation. Attackers can exploit this vulnerability by crafting malicious file to launch privilege escalation. This can compromise normal service of affected products.
|
Smc2\.0_firmware
|
6.7
|
|
|
2021-02-06
|
CVE-2021-22299
|
There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected product versions include: ManageOne versions...
|
Imaster_mae\-M, Manageone, Network_functions_virtualization_fusionsphere, Smc2\.0_firmware
|
7.8
|
|
|
2019-05-16
|
CVE-2019-0708
|
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
|
Agile_controller\-Campus_firmware, Bh620_v2_firmware, Bh621_v2_firmware, Bh622_v2_firmware, Bh640_v2_firmware, Ch121_firmware, Ch140_firmware, Ch220_firmware, Ch221_firmware, Ch222_firmware, Ch240_firmware, Ch242_firmware, Ch242_v3_firmware, E6000_chassis_firmware, E6000_firmware, Elog_firmware, Espace_ecs_firmware, Gtsoftx3000_firmware, Oceanstor_18500_firmware, Oceanstor_18800_firmware, Oceanstor_18800f_firmware, Oceanstor_hvs85t_firmware, Oceanstor_hvs88t_firmware, Rh1288_v2_firmware, Rh1288a_v2_firmware, Rh2265_v2_firmware, Rh2268_v2_firmware, Rh2285_v2_firmware, Rh2285h_v2_firmware, Rh2288_v2_firmware, Rh2288a_v2_firmware, Rh2288e_v2_firmware, Rh2288h_v2_firmware, Rh2485_v2_firmware, Rh5885_v2_firmware, Rh5885_v3_firmware, Seco_vsm_firmware, Smc2\.0_firmware, Uma_firmware, X6000_firmware, X8000_firmware, Windows_7, Windows_server_2008, Aptio_firmware, Atellica_solution_firmware, Axiom_multix_m_firmware, Axiom_vertix_md_trauma_firmware, Axiom_vertix_solitaire_m_firmware, Centralink_firmware, Lantis_firmware, Mobilett_xp_digital_firmware, Multix_pro_acss_firmware, Multix_pro_acss_p_firmware, Multix_pro_firmware, Multix_pro_navy_firmware, Multix_pro_p_firmware, Multix_swing_firmware, Multix_top_acss_firmware, Multix_top_acss_p_firmware, Multix_top_firmware, Multix_top_p_firmware, Rapidpoint_500_firmware, Streamlab_firmware, Syngo_lab_process_manager, Vertix_solitaire_firmware, Viva_e_firmware, Viva_twin_firmware
|
9.8
|
|
|
2020-07-08
|
CVE-2019-19415
|
The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.
|
Ar1200\-S_firmware, Ar1200_firmware, Ar120\-S_firmware, Ar150\-S_firmware, Ar150_firmware, Ar160_firmware, Ar200\-S_firmware, Ar200_firmware, Ar2200\-S_firmware, Ar2200_firmware, Ar3200_firmware, Ar3600_firmware, Ar510_firmware, Dp300_firmware, Espace_u1910_firmware, Espace_u1911_firmware, Espace_u1930_firmware, Espace_u1960_firmware, Espace_u1980_firmware, Espace_u1981_firmware, Ips_module_firmware, Netengine16ex_firmware, Ngfw_module_firmware, Nip6300_firmware, Nip6600_firmware, Nip6800_firmware, Rse6500_firmware, Secospace_usg6300_firmware, Secospace_usg6500_firmware, Secospace_usg6600_firmware, Semg9811_firmware, Smc2\.0_firmware, Softco_firmware, Srg1300_firmware, Srg2300_firmware, Srg3300_firmware, Svn5600_firmware, Svn5800\-C_firmware, Svn5800_firmware, Te30_firmware, Te40_firmware, Te50_firmware, Te60_firmware, Tp3206_firmware, Usg9500_firmware, Usg9520_firmware, Usg9560_firmware, Viewpoint_8660_firmware, Viewpoint_9030_firmware, Vp9660_firmware
|
7.5
|
|
|
2020-07-08
|
CVE-2019-19417
|
The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.
|
Ar1200\-S_firmware, Ar1200_firmware, Ar120\-S_firmware, Ar150\-S_firmware, Ar150_firmware, Ar160_firmware, Ar200\-S_firmware, Ar200_firmware, Ar2200\-S_firmware, Ar2200_firmware, Ar3200_firmware, Ar3600_firmware, Ar510_firmware, Dp300_firmware, Espace_u1910_firmware, Espace_u1911_firmware, Espace_u1930_firmware, Espace_u1960_firmware, Espace_u1980_firmware, Espace_u1981_firmware, Ips_module_firmware, Netengine16ex_firmware, Ngfw_module_firmware, Nip6300_firmware, Nip6600_firmware, Nip6800_firmware, Rse6500_firmware, Secospace_usg6300_firmware, Secospace_usg6500_firmware, Secospace_usg6600_firmware, Semg9811_firmware, Smc2\.0_firmware, Softco_firmware, Srg1300_firmware, Srg2300_firmware, Srg3300_firmware, Svn5600_firmware, Svn5800\-C_firmware, Svn5800_firmware, Te30_firmware, Te40_firmware, Te50_firmware, Te60_firmware, Tp3206_firmware, Usg9500_firmware, Usg9520_firmware, Usg9560_firmware, Viewpoint_8660_firmware, Viewpoint_9030_firmware, Vp9660_firmware
|
7.5
|
|
|
2020-07-08
|
CVE-2019-19416
|
The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.
|
Ar1200\-S_firmware, Ar1200_firmware, Ar120\-S_firmware, Ar150\-S_firmware, Ar150_firmware, Ar160_firmware, Ar200\-S_firmware, Ar200_firmware, Ar2200\-S_firmware, Ar2200_firmware, Ar3200_firmware, Ar3600_firmware, Ar510_firmware, Dp300_firmware, Espace_u1910_firmware, Espace_u1911_firmware, Espace_u1930_firmware, Espace_u1960_firmware, Espace_u1980_firmware, Espace_u1981_firmware, Ips_module_firmware, Netengine16ex_firmware, Ngfw_module_firmware, Nip6300_firmware, Nip6600_firmware, Nip6800_firmware, Rse6500_firmware, Secospace_usg6300_firmware, Secospace_usg6500_firmware, Secospace_usg6600_firmware, Semg9811_firmware, Smc2\.0_firmware, Softco_firmware, Srg1300_firmware, Srg2300_firmware, Srg3300_firmware, Svn5600_firmware, Svn5800\-C_firmware, Svn5800_firmware, Te30_firmware, Te40_firmware, Te50_firmware, Te60_firmware, Tp3206_firmware, Usg9500_firmware, Usg9520_firmware, Usg9560_firmware, Viewpoint_8660_firmware, Viewpoint_9030_firmware, Vp9660_firmware
|
7.5
|
|
|
2018-02-15
|
CVE-2017-17301
|
Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10,...
|
Ar1200\-S_firmware, Ar1200_firmware, Ar120\-S_firmware, Ar150_firmware, Ar160_firmware, Ar200\-S_firmware, Ar200_firmware, Ar2200\-S_firmware, Ar2200_firmware, Ar3200_firmware, Ar3600_firmware, Ar510_firmware, Cloudengine_12800_firmware, Cloudengine_5800_firmware, Cloudengine_6800_firmware, Cloudengine_7800_firmware, Dp300_firmware, Espace_iad_firmware, Espace_u1981_firmware, Espace_usm_firmware, Smc2\.0_firmware, Srg1300_firmware, Srg2300_firmware, Srg3300_firmware, Te30_firmware, Te60_firmware, Viewpoint_8660_firmware, Vp9660_firmware
|
9.8
|
|
|
2018-02-15
|
CVE-2017-15332
|
Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10,...
|
Ar1200\-S_firmware, Ar1200_firmware, Ar120\-S_firmware, Ar150\-S_firmware, Ar150_firmware, Ar160_firmware, Ar200\-S_firmware, Ar200_firmware, Ar2200\-S_firmware, Ar2200_firmware, Ar3200_firmware, Ar510_firmware, Dp300_firmware, Ips_module_firmware, Max_presence_firmware, Netengine16ex_firmware, Ngfw_module_firmware, Nip6300_firmware, Nip6600_firmware, Nip6800_firmware, Rp200_firmware, Rse6500_firmware, Secospace_usg6300_firmware, Secospace_usg6500_firmware, Smc2\.0_firmware, Srg1300_firmware, Srg2300_firmware, Srg3300_firmware, Svn5600_firmware, Svn5800\-C_firmware, Svn5800_firmware, Te30_firmware, Te40_firmware, Te50_firmware, Te60_firmware, Tp3106_firmware, Tp3206_firmware, Usg9500_firmware, Usg9520_firmware, Usg9560_firmware, Usg9580_firmware, Viewpoint_9030_firmware
|
5.3
|
|
|
2017-11-22
|
CVE-2017-8213
|
Huawei SMC2.0 with software of V100R003C10, V100R005C00SPC100, V100R005C00SPC101B001T, V100R005C00SPC102, V100R005C00SPC103, V100R005C00SPC200, V100R005C00SPC201T, V500R002C00, V600R006C00 has an input validation vulnerability when handle TLS and DTLS handshake with certificate. Due to the insufficient validation of received PKI certificates, remote attackers could exploit this vulnerability to crash the TLS module.
|
Smc2\.0_firmware
|
5.3
|
|
|
2017-11-22
|
CVE-2017-8163
|
AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 with software V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR1200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR150 with software V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR150-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR160 with software V200R006C10, V200R006C12, V200R007C00,...
|
Ar1200\-S_firmware, Ar1200_firmware, Ar120\-S_firmware, Ar150\-S_firmware, Ar150_firmware, Ar160_firmware, Ar200\-S_firmware, Ar200_firmware, Ar2200\-S_firmware, Ar2200_firmware, Ar3200_firmware, Ar510_firmware, Netengine16ex_firmware, Smc2\.0_firmware, Srg1300_firmware, Srg2300_firmware, Srg3300_firmware
|
6.5
|
|
|