Vulnerabilities > Huawei > High

DATE CVE VULNERABILITY TITLE RISK
2018-02-15 CVE-2017-15341 Improper Certificate Validation vulnerability in Huawei products
Huawei AR3200 V200R008C20, V200R008C30, TE40 V600R006C00, TE50 V600R006C00, TE60 V600R006C00 have a denial of service vulnerability.
network
low complexity
huawei CWE-295
7.5
7.5
2018-02-15 CVE-2017-15329 SQL Injection vulnerability in Huawei UMA Firmware V200R001C00
Huawei UMA V200R001C00 has a SQL injection vulnerability in the operation and maintenance module.
network
low complexity
huawei CWE-89
8.8
8.8
2018-01-30 CVE-2014-4705 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products
Multiple heap-based buffer overflows in the eSap software platform in Huawei Campus S9300, S7700, S9700, S5300, S5700, S6300, and S6700 series switches; AR150, AR160, AR200, AR1200, AR2200, AR3200, AR530, NetEngine16EX, SRG1300, SRG2300, and SRG3300 series routers; and WLAN AC6005, AC6605, and ACU2 access controllers allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet.
network
low complexity
huawei CWE-119
7.5
7.5
2017-12-22 CVE-2017-15328 Information Exposure vulnerability in Huawei Hg8245H Firmware
Huawei HG8245H version earlier than V300R018C00SPC110 has an authentication bypass vulnerability.
network
low complexity
huawei CWE-200
7.5
7.5
2017-12-22 CVE-2017-15324 Improper Input Validation vulnerability in Huawei S5700 Firmware and S6700 Firmware
Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets.
network
low complexity
huawei CWE-20
7.5
7.5
2017-12-22 CVE-2017-15320 Out-of-bounds Read vulnerability in Huawei products
RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products.
network
low complexity
huawei CWE-125
7.5
7.5
2017-12-22 CVE-2017-15319 Out-of-bounds Read vulnerability in Huawei products
RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products.
network
low complexity
huawei CWE-125
7.5
7.5
2017-12-22 CVE-2017-15318 Out-of-bounds Read vulnerability in Huawei products
RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products.
network
low complexity
huawei CWE-125
7.5
7.5
2017-12-22 CVE-2017-15317 Out-of-bounds Read vulnerability in Huawei products
AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30; AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30; AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30; SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an input validation vulnerability in Huawei multiple products.
network
low complexity
huawei CWE-125
7.5
7.5
2017-12-22 CVE-2017-15316 Double Free vulnerability in Huawei Mate 9 Firmware and Mate 9 PRO Firmware
The GPU driver of Mate 9 Huawei smart phones with software before MHA-AL00B 8.0.0.334(C00) and Mate 9 Pro Huawei smart phones with software before LON-AL00B 8.0.0.334(C00) has a memory double free vulnerability.
local
low complexity
huawei CWE-415
7.8
7.8