Vulnerabilities > Huawei > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-08-02 | CVE-2016-6193 | Unspecified vulnerability in Huawei P8 Smartphone Firmware Gracl00C92B350 Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6192. | 7.8 |
| 2016-08-02 | CVE-2016-6192 | Permissions, Privileges, and Access Controls vulnerability in Huawei P8 Smartphone Firmware Gracl00C92B350 Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6193. | 7.3 |
| 2016-07-13 | CVE-2016-5821 | Permissions, Privileges, and Access Controls vulnerability in Huawei Hisuite Huawei HiSuite before 4.0.4.204_ove (Out of China) and before 4.0.4.301 (China) use a weak ACL (FILE_WRITE_DATA for BUILTIN\Users) for the HiSuite service directory, which allows local users to gain SYSTEM privileges via a Trojan horse (1) SspiCli.dll or (2) USERENV.dll file or possibly other unspecified DLL files. | 7.8 |
| 2016-06-30 | CVE-2016-5368 | Resource Management Errors vulnerability in Huawei Ar3200 Firmware V200R005C20/V200R005C32/V200R007C00 Memory leak in Huawei AR3200 before V200R007C00SPC900 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted Multiprotocol Label Switching (MPLS) packets. | 7.5 |
| 2016-06-30 | CVE-2016-5231 | Permissions, Privileges, and Access Controls vulnerability in Huawei Mate 8 Firmware NXT Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to bypass permission checks and delete user data via a crafted app. | 7.8 |
| 2016-06-30 | CVE-2016-5230 | Permissions, Privileges, and Access Controls vulnerability in Huawei Mate 8 Firmware NXT Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to bypass permission checks and control partial module functions via a crafted app. | 8.8 |
| 2016-06-24 | CVE-2016-5723 | Permissions, Privileges, and Access Controls vulnerability in Huawei Fusioninsight HD V100R002C30/V100R002C50 Huawei FusionInsight HD before V100R002C60SPC200 allows local users to gain root privileges via unspecified vectors. | 7.8 |
| 2016-06-24 | CVE-2016-5722 | Information Exposure vulnerability in Huawei Ocean Stor Firmware Huawei OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, and 18500 V3 before V300R003C10 sends the plaintext session token in the HTTP header, which allows remote attackers to conduct replay attacks and obtain sensitive information by sniffing the network. | 7.3 |
| 2016-06-14 | CVE-2016-5367 | Information Exposure vulnerability in Huawei Honor Ws851 Firmware 1.1.21.1 Huawei Honor WS851 routers with software 1.1.21.1 and earlier allow remote attackers to obtain sensitive information via unspecified vectors, aka HWPSIRT-2016-05053. | 7.5 |
| 2016-06-14 | CVE-2016-5366 | Improper Access Control vulnerability in Huawei Honor Ws851 Firmware 1.1.21.1 Huawei Honor WS851 routers with software 1.1.21.1 and earlier allow remote attackers to modify configuration data via vectors related to a "file injection vulnerability," aka HWPSIRT-2016-05052. | 7.5 |