CVSS: 4.3EPSS: 0%CPEs: 34EXPL: 0CVE-2017-15353
https://notcve.org/view.php?id=CVE-2017-15353
Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660, V100R008C03 have an out-of-bounds read vulnerability. An attacker has to control the peer device and send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause some service abnormal. Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660 y V100R008C03 tienen una vulnerabilidad de lectura fuera de límites. Un atacante debe controlar el dispositivo del mismo nivel y enviar mensajes especialmente manipulados a los productos afectados. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-h323-en • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 21EXPL: 0CVE-2017-15355
https://notcve.org/view.php?id=CVE-2017-15355
Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00, V600R006C00 have a buffer overflow vulnerability. An attacker may send specially crafted HTTP messages to the affected products. Due insufficient input validation of three different parameters in the messages, successful exploit may cause some service abnormal. Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00 y V600R006C00 tienen una vulnerabilidad de desbordamiento de búfer. Un atacante podría enviar mensajes HTTP especialmente manipulados a los productos afectados. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-02-http-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 21EXPL: 0CVE-2017-15354
https://notcve.org/view.php?id=CVE-2017-15354
Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00, V600R006C00 have a buffer overflow vulnerability. An attacker may send specially crafted HTTP messages to the affected products. Due insufficient input validation of three different parameters in the messages, successful exploit may cause some service abnormal. Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00 y V600R006C00 tienen una vulnerabilidad de desbordamiento de búfer. Un atacante podría enviar mensajes HTTP especialmente manipulados a los productos afectados. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-02-http-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 21EXPL: 0CVE-2017-15356
https://notcve.org/view.php?id=CVE-2017-15356
Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00, V600R006C00 have a buffer overflow vulnerability. An attacker may send specially crafted HTTP messages to the affected products. Due insufficient input validation of three different parameters in the messages, successful exploit may cause some service abnormal. Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00 y V600R006C00 tienen una vulnerabilidad de desbordamiento de búfer. Un atacante podría enviar mensajes HTTP especialmente manipulados a los productos afectados. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-02-http-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •