CVE-2020-1876
https://notcve.org/view.php?id=CVE-2020-1876
NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient validation of packets, which may be exploited to cause the process reboot. NIP6800; Secospace USG6600; USG9500 con versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, presentan una vulnerabilidad de escritura fuera de límites. Un atacante no autenticado diseña paquetes malformados con un parámetro específico y los envía hacia los productos afectados. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-outofwrite-en • CWE-787: Out-of-bounds Write •
CVE-2020-1881
https://notcve.org/view.php?id=CVE-2020-1881
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices. Los productos NIP6800; Secospace USG6600; USG9500 con versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, presentan una vulnerabilidad de error de administración de recursos. Un atacante necesita llevar a cabo operaciones específicas para desencadenar una función del dispositivo afectado. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en •
CVE-2020-1860
https://notcve.org/view.php?id=CVE-2020-1860
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit may cause the access control to be bypassed, and attackers can directly access the Internet. Los productos NIP6800; Secospace USG6600; USG9500 con versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, presentan una vulnerabilidad de omisión del control de acceso. Los atacantes que pueden acceder a la red interna pueden explotar esta vulnerabilidad con una implementación cuidadosa. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-firewall-en •
CVE-2020-1874
https://notcve.org/view.php?id=CVE-2020-1874
NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. The software system access an invalid pointer when operator logs in to the device and performs some operations. Successful exploit could cause certain process reboot. Los productos NIP6800; Secospace USG6600; USG9500 versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, presentan una vulnerabilidad de acceso de puntero no válido. El sistema del software accede a un puntero no válido cuando el operador inicia sesión en el dispositivo y lleva a cabo algunas operaciones. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-invalidpointer-en • CWE-824: Access of Uninitialized Pointer •
CVE-2020-1873
https://notcve.org/view.php?id=CVE-2020-1873
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds read vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the device reboot. Los productos NIP6800; Secospace USG6600; USG9500 con versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, presentan una vulnerabilidad de lectura fuera de límites. Un atacante no autenticado diseña un mensaje malformado con un parámetro especifico y envía el mensaje hacia los productos afectados. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-outofboundread-en • CWE-125: Out-of-bounds Read •