Vulnerabilities > Huawei > Hedex Lite

DATE CVE VULNERABILITY TITLE RISK
2019-06-13 CVE-2019-5286 Cross-site Scripting vulnerability in Huawei Hedex Lite V200R006C00
There is a reflection XSS vulnerability in the HedEx products.
network
low complexity
huawei CWE-79
6.1
2017-11-22 CVE-2017-8139 Cross-site Scripting vulnerability in Huawei Hedex Lite
HedEx Earlier than V200R006C00 versions have the stored cross-site scripting (XSS) vulnerability.
network
low complexity
huawei CWE-79
6.1
2017-11-22 CVE-2017-8138 Cross-Site Request Forgery (CSRF) vulnerability in Huawei Hedex Lite
HedEx Earlier than V200R006C00 versions has a cross-site request forgery (CSRF) vulnerability.
network
low complexity
huawei CWE-352
8.8
2017-11-22 CVE-2017-8137 Untrusted Search Path vulnerability in Huawei Hedex Lite
HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path.
local
low complexity
huawei CWE-426
7.8
2017-11-22 CVE-2017-8136 Information Exposure vulnerability in Huawei Hedex Lite
HedEx Earlier than V200R006C00 versions has an arbitrary file download vulnerability.
local
low complexity
huawei CWE-200
5.5