Vulnerabilities > Huawei
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-11-24 | CVE-2015-8227 | Improper Input Validation vulnerability in Huawei VP 9660 Firmware V200R001C01/V200R001C02 The built-in web server in Huawei VP9660 multi-point control unit with software before V200R001C30SPC700 allows remote administrators to obtain sensitive information or cause a denial of service via a crafted message. | 8.5 |
| 2015-11-19 | CVE-2015-8087 | Resource Management Errors vulnerability in Huawei NE Router Software Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a "VPN routing and forwarding (VRF) hopping vulnerability." | 5.0 |
| 2015-11-19 | CVE-2015-8083 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Espace Firmware An unspecified module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V200R003C00SPC300 does not properly initialize memory when processing timeout messages, which allows remote attackers to cause a denial of service (out-of-bounds memory access and device restart) via unknown vectors. | 7.8 |
| 2015-11-19 | CVE-2015-7845 | Improper Input Validation vulnerability in Huawei Espace Firmware The exception handling mechanism in the CLI Module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V100R001C20SPH605 allows remote attackers to cause a denial of service (CLI outage) via crafted SSH packets. | 5.0 |
| 2015-11-07 | CVE-2015-7254 | Path Traversal vulnerability in Huawei Hg532E, Hg532N and Hg532S Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s devices allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2015-05-21 | CVE-2015-3912 | Information Exposure vulnerability in Huawei E355S Mobile Wifi Firmware and Webui Huawei E355s Mobile WiFi with firmware before 22.158.45.02.625 and WEBUI before 13.100.04.01.625 allows remote attackers to obtain sensitive configuration information by sniffing the network or sending unspecified commands. | 5.0 |
| 2015-05-21 | CVE-2015-3911 | Improper Access Control vulnerability in Huawei E587 Mobile Wifi Firmware Huawei E587 Mobile WiFi with firmware before 11.203.30.00.00 allows remote attackers to bypass authentication, change configurations, send messages, and cause a denial of service (device restart) via unspecified vectors. | 9.0 |
| 2015-05-18 | CVE-2015-2346 | Unspecified vulnerability in Huawei SEQ Analyst XML external entity (XXE) vulnerability in Huawei SEQ Analyst before V200R002C03LG0001CP0022 allows remote authenticated users to read arbitrary files via the req parameter. | 4.0 |
| 2015-05-08 | CVE-2015-2347 | Cross-site Scripting vulnerability in Huawei SEQ Analyst Cross-site scripting (XSS) vulnerability in Huawei SEQ Analyst before V200R002C03LG0001CP0022 allows remote attackers to inject arbitrary web script or HTML via the command XML element in the req parameter to flexdata.action in (1) common/, (2) monitor/, or (3) psnpm/ or the (4) module XML element in the req parameter to flexdata.action in monitor/. | 4.3 |
| 2015-02-03 | CVE-2015-1460 | Permissions, Privileges, and Access Controls vulnerability in Huawei Quidway Firmware V200R003C00Spc300 Huawei Quidway switches with firmware before V200R005C00SPC300 allows remote attackers to gain privileges via a crafted packet. | 7.5 |