CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2015-8084
https://notcve.org/view.php?id=CVE-2015-8084
Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R001C10SPC600, when "DHCP Snooping" is enabled and either "option82 insert" or "option82 rebuild" is enabled on an interface, allow remote attackers to cause a denial of service (reboot) via crafted DHCP packets. Puertas de enlace de seguridad unificadas Huawei USG5500, USG2100, USG2200 y USG5100 con software en versiones anteriores a V300R001C10SPC600, cuando está habilitado 'DHCP Snooping' y ya sea que 'option82 insert' u 'option82 rebuild' estén habilitado en una interfaz, permite a atacantes remotos causar una denegación de servicio (reinicio) a través de paquetes DHCP manipulados. • http://www.securityfocus.com/bid/77300 http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457916.htm • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 107EXPL: 1CVE-2012-4960 – Huawei (Multiple Products) - Password Encryption
https://notcve.org/view.php?id=CVE-2012-4960
The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, and NIP5100 use the DES algorithm for stored passwords, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack. Los Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, y NIP5100 utiliza el algoritmo DES para las contraseñas almacenados, lo que hace que sea más fácil para los atacantes dependientes de contexto obtener contraseñas de texto simple a través de un ataque de fuerza bruta. • https://www.exploit-db.com/exploits/38020 http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm http://www.kb.cert.org/vuls/id/948096 • CWE-310: Cryptographic Issues •