Vulnerabilities > Huawei > AR Firmware

DATE CVE VULNERABILITY TITLE RISK
2016-10-03 CVE-2015-8086 Inadequate Encryption Strength vulnerability in Huawei products
Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC500 makes it easier for remote authenticated administrators to obtain encryption keys and ciphertext passwords via vectors related to key storage.
network
low complexity
huawei CWE-326
4.9
2016-10-03 CVE-2015-8085 Inadequate Encryption Strength vulnerability in Huawei products
Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC500 make it easier for remote authenticated administrators to obtain and decrypt passwords by leveraging selection of a reversible encryption algorithm.
network
low complexity
huawei CWE-326
4.9
2016-09-26 CVE-2016-6901 Improper Input Validation vulnerability in Huawei AR Firmware and Netengine 16Ex Firmware
Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers with software before V200R007C00SPC900 allows remote authenticated users to cause a denial of service via format string specifiers in vectors involving partial commands.
network
low complexity
huawei CWE-20
6.5