Vulnerabilities > Huawei > Espace 7950 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2018-11-27 CVE-2018-7960 Cleartext Transmission of Sensitive Information vulnerability in Huawei Espace 7950 Firmware V200R003C30
There is a SRTP icon display vulnerability in Huawei eSpace product.
network
high complexity
huawei CWE-319
7.4
2018-11-27 CVE-2018-7958 Improper Authentication vulnerability in Huawei Espace 7950 Firmware V200R003C30
There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product.
network
high complexity
huawei CWE-287
7.4
2018-03-09 CVE-2017-17223 Path Traversal vulnerability in Huawei products
Huawei eSpace 7910 V200R003C30; eSpace 7950 V200R003C30; eSpace 8950 V200R003C00; V200R003C30 have a directory traversal vulnerability.
network
low complexity
huawei CWE-22
8.8
2018-03-09 CVE-2017-17222 Improper Input Validation vulnerability in Huawei Espace 7950 Firmware and Espace 8950 Firmware
Import Language Package function in Huawei eSpace 7950 V200R003C30; eSpace 8950 V200R003C00; V200R003C30 has a remote code execution vulnerability.
network
low complexity
huawei CWE-20
8.8
2018-03-09 CVE-2017-17221 Improper Input Validation vulnerability in Huawei Espace 7950 Firmware and Espace 8950 Firmware
Import Signal Tone function in Huawei eSpace 7950 V200R003C30; eSpace 8950 V200R003C00; V200R003C30 has a remote code execution vulnerability.
network
low complexity
huawei CWE-20
8.8
2017-11-22 CVE-2017-2722 Improper Input Validation vulnerability in Huawei products
DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C00,ViewPoint 9030 with software V100R011C02, V100R011C03,eCNS210_TD with software V100R004C10,eSpace 7950 with software V200R003C00 and V200R003C30,eSpace IAD with software V300R001C07SPCa00 and V300R002C01SPCb00,eSpace U1981 with software V100R001C20, V100R001C30, V200R003C00, V200R003C20 and V200R003C30 have an input validation vulnerability.A remote attacker may exploit this vulnerability by crafting a malformed packet and sending it to the device.
network
low complexity
huawei CWE-20
8.8