Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-22 | CVE-2017-8138 | Cross-Site Request Forgery (CSRF) vulnerability in Huawei Hedex Lite HedEx Earlier than V200R006C00 versions has a cross-site request forgery (CSRF) vulnerability. | 8.8 |
| 2017-11-22 | CVE-2017-8137 | Untrusted Search Path vulnerability in Huawei Hedex Lite HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. | 7.8 |
| 2017-11-22 | CVE-2017-8135 | Command Injection vulnerability in Huawei Fusionsphere Openstack V100R006C00/V100R006C10 The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. | 8.8 |
| 2017-11-22 | CVE-2017-8134 | Command Injection vulnerability in Huawei Fusionsphere Openstack V100R006C00/V100R006C10 The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. | 8.8 |
| 2017-11-22 | CVE-2017-8133 | Command Injection vulnerability in Huawei Neteco V600R008C00/V600R008C10 Huawei iManager NetEco with software V600R008C00 and V600R008C10 has a command injection vulnerability. | 8.8 |
| 2017-11-22 | CVE-2017-8132 | Command Injection vulnerability in Huawei Fusionsphere Openstack V100R006C00/V100R006C10 The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. | 8.8 |
| 2017-11-22 | CVE-2017-8131 | Command Injection vulnerability in Huawei Fusionsphere Openstack V100R006C00/V100R006C10 The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. | 8.8 |
| 2017-11-22 | CVE-2017-2737 | Unrestricted Upload of File with Dangerous Type vulnerability in Huawei Vcm5010 Firmware V100R001C10B010 VCM5010 with software versions earlier before V100R002C50SPC100 has an arbitrary file upload vulnerability. | 8.8 |
| 2017-11-22 | CVE-2017-2736 | Command Injection vulnerability in Huawei Vcm5010 Firmware V100R001C10B010 VCM5010 with software versions earlier before V100R002C50SPC100 has a command injection vulnerability. | 7.2 |
| 2017-11-22 | CVE-2017-2735 | Exposed Dangerous Method or Function vulnerability in Huawei Y6 PRO Firmware 9.1.0.248(C636E5R3P1) TIT-AL00 smartphones with software versions earlier before TIT-AL00C583B214 have a exposed system interface vulnerability. | 7.1 |