CVSS: 4.9EPSS: 0%CPEs: 20EXPL: 0CVE-2021-22342
https://notcve.org/view.php?id=CVE-2021-22342
22 Jun 2021 — There is an information leak vulnerability in Huawei products. A module does not deal with specific input sufficiently. High privilege attackers can exploit this vulnerability by performing some operations. This can lead to information leak. Affected product versions include: IPS Module versions V500R005C00, V500R005C10, V500R005C20; NGFW Module versions V500R005C00,V500R005C10, V500R005C20; SeMG9811 versions V500R005C00; USG9500 versions V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, V500... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210428-01-infomationleak-en •
CVSS: 7.5EPSS: 0%CPEs: 443EXPL: 0CVE-2019-19415
https://notcve.org/view.php?id=CVE-2019-19415
08 Jul 2020 — The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en. El módulo SIP de algun... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 443EXPL: 0CVE-2019-19416
https://notcve.org/view.php?id=CVE-2019-19416
08 Jul 2020 — The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en. El módulo SIP de algun... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 443EXPL: 0CVE-2019-19417
https://notcve.org/view.php?id=CVE-2019-19417
08 Jul 2020 — The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en. El módulo SIP de algun... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 89EXPL: 0CVE-2020-9099
https://notcve.org/view.php?id=CVE-2020-9099
08 Jun 2020 — Huawei products IPS Module; NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6300; Secospace USG6500; Secospace USG6600; USG9500 with versions of V500R001C00; V500R001C20; V500R001C30; V500R001C50; V500R001C60; V500R001C80; V500R005C00; V500R005C10; V500R005C20; V500R002C00; V500R002C10; V500R002C20; V500R002C30 have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device. Los produc... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200506-02-authentication-en • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 146EXPL: 0CVE-2019-5304
https://notcve.org/view.php?id=CVE-2019-5304
03 Jan 2020 — Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset. Algunos productos de Huawei tienen una vulnerabilidad de error de búfer. Un atacante remoto no identificado podría enviar mensajes MPLS Echo Request específicos hacia los productos de destino. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-en • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.6EPSS: 0%CPEs: 261EXPL: 0CVE-2019-5254
https://notcve.org/view.php?id=CVE-2019-5254
13 Dec 2019 — Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the ... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 261EXPL: 0CVE-2019-5255
https://notcve.org/view.php?id=CVE-2019-5255
13 Dec 2019 — Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a DoS vulnerability. An attacker may send crafted messages from a FTP client to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the system out-of-bounds read and result in a denial of service condition of the affected service. Cier... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 261EXPL: 0CVE-2019-5256
https://notcve.org/view.php?id=CVE-2019-5256
13 Dec 2019 — Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability. The system dereferences a pointer that it expects to be valid, but is NULL. A local attacker could exploit this vulnerability by sending crafted parameters. A successful exploit could cause a denial of service and the process reboot. Ciertos pro... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 261EXPL: 0CVE-2019-5258
https://notcve.org/view.php?id=CVE-2019-5258
13 Dec 2019 — Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affe... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •