CVSS: 3.3EPSS: 0%CPEs: 19EXPL: 0CVE-2017-17289
https://notcve.org/view.php?id=CVE-2017-17289
15 Feb 2018 — Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability. The software does not release allocated memory properly when handling XML data. An authenticated, local attacker could upload crafted XML file repeatedly to cause memory leak and service abnormal. Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-xml-en • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 4.3EPSS: 0%CPEs: 19EXPL: 0CVE-2017-17185
https://notcve.org/view.php?id=CVE-2017-17185
15 Feb 2018 — Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a out-of-bounds read vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could make the device access invalid memory and might reset a process. Huawei DP300 V500R002C00, RP200 V600R006C00, T... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-soap-en • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 21EXPL: 0CVE-2017-15355
https://notcve.org/view.php?id=CVE-2017-15355
15 Feb 2018 — Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00, V600R006C00 have a buffer overflow vulnerability. An attacker may send specially crafted HTTP messages to the affected products. Due insufficient input validation of three different parameters in the messages, successful exploit may cause some service abnormal. Huawei DP300, V500R002C00, RP200,... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-02-http-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 21EXPL: 0CVE-2017-15356
https://notcve.org/view.php?id=CVE-2017-15356
15 Feb 2018 — Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00, V600R006C00 have a buffer overflow vulnerability. An attacker may send specially crafted HTTP messages to the affected products. Due insufficient input validation of three different parameters in the messages, successful exploit may cause some service abnormal. Huawei DP300, V500R002C00, RP200,... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-02-http-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 3.3EPSS: 0%CPEs: 138EXPL: 0CVE-2017-17293
https://notcve.org/view.php?id=CVE-2017-17293
15 Feb 2018 — Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, ... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-06-xml-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 112EXPL: 0CVE-2017-15339
https://notcve.org/view.php?id=CVE-2017-15339
15 Feb 2018 — The SIP module in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, RP200 V500R002C00, V600R006C00, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00,... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-sip-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 19EXPL: 0CVE-2017-17182
https://notcve.org/view.php?id=CVE-2017-17182
15 Feb 2018 — Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a out-of-bounds read vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could make the device access invalid memory and might reset a process. Huawei DP300 V500R002C00, RP200 V600R006C00, T... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-soap-en • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 19EXPL: 0CVE-2017-17184
https://notcve.org/view.php?id=CVE-2017-17184
15 Feb 2018 — Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an integer overflow vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could cause an integer overflow and might reset a process. Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, T... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-soap-en • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.3EPSS: 0%CPEs: 112EXPL: 0CVE-2017-15338
https://notcve.org/view.php?id=CVE-2017-15338
15 Feb 2018 — The SIP module in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, RP200 V500R002C00, V600R006C00, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00,... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-sip-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 3.3EPSS: 0%CPEs: 138EXPL: 0CVE-2017-17292
https://notcve.org/view.php?id=CVE-2017-17292
15 Feb 2018 — Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, ... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-06-xml-en • CWE-20: Improper Input Validation •