CVSS: 7.5EPSS: 0%CPEs: 443EXPL: 0CVE-2019-19415
https://notcve.org/view.php?id=CVE-2019-19415
08 Jul 2020 — The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en. El módulo SIP de algun... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 443EXPL: 0CVE-2019-19416
https://notcve.org/view.php?id=CVE-2019-19416
08 Jul 2020 — The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en. El módulo SIP de algun... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 443EXPL: 0CVE-2019-19417
https://notcve.org/view.php?id=CVE-2019-19417
08 Jul 2020 — The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en. El módulo SIP de algun... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 85EXPL: 0CVE-2020-9071
https://notcve.org/view.php?id=CVE-2020-9071
01 Jun 2020 — There is a few bytes out-of-bounds read vulnerability in some Huawei products. The software reads data past the end of the intended buffer when parsing certain message, an authenticated attacker could exploit this vulnerability by sending crafted messages to the device. Successful exploit may cause service abnormal in specific scenario.Affected product versions include:AR120-S versions V200R007C00SPC900,V200R007C00SPCa00 Se presenta una vulnerabilidad de lectura fuera de límites de ciertos bytes en algunos ... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-01-oob-en • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 146EXPL: 0CVE-2019-5304
https://notcve.org/view.php?id=CVE-2019-5304
03 Jan 2020 — Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset. Algunos productos de Huawei tienen una vulnerabilidad de error de búfer. Un atacante remoto no identificado podría enviar mensajes MPLS Echo Request específicos hacia los productos de destino. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-en • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 82EXPL: 0CVE-2019-5259
https://notcve.org/view.php?id=CVE-2019-5259
16 Dec 2019 — There is an information leakage vulnerability on some Huawei products(AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600). An attacker with low permissions can view some high-privilege information by running specific commands.Successful exploit could cause an information disclosure condition. Se presenta una vulnerabilidad de filtrado de información en algunos productos Huawei (AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600). Un a... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-vrp-en • CWE-269: Improper Privilege Management •
CVSS: 5.9EPSS: 0%CPEs: 87EXPL: 0CVE-2019-5291
https://notcve.org/view.php?id=CVE-2019-5291
13 Dec 2019 — Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal. Algunos productos Huawei presentan una comprobación insuficiente de una vulnerabilidad de autenticidad de datos.... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-validation-en • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.5EPSS: 0%CPEs: 62EXPL: 0CVE-2019-5294
https://notcve.org/view.php?id=CVE-2019-5294
13 Nov 2019 — There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products. Due to a buffer read overflow error when parsing the message, successful exploit may cause some service to be abnormal. hay una vulnerabilidad de lectura fuera de límite en algunos productos Huawei. Un atacante remoto no autenticado puede enviar un mensaje corrupto o especialmente diseñado en los productos afectados. Debido a un error de desb... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191023-01-buffer-en • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 94EXPL: 0CVE-2019-5300
https://notcve.org/view.php?id=CVE-2019-5300
04 Jun 2019 — There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device. Existe una vulnerabili... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.5EPSS: 0%CPEs: 224EXPL: 0CVE-2017-17257
https://notcve.org/view.php?id=CVE-2017-17257
24 Apr 2018 — Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R00... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en • CWE-772: Missing Release of Resource after Effective Lifetime •