DP300; RP200; RSE6500; TE30; TE40; TE50; TE60; TP3106; TP3206; ViewPoint 9030; ESpace U1960; ESpace U1981 Security Vulnerabilities

A silver bullet for the attacker

In the past years, the problem of vulnerabilities in industrial automation systems has been becoming increasingly important. The fact that industrial control systems have been developing in parallel with IT systems, relatively independently and often without regard for modern secure coding...

espace-recettes.fr XSS vulnerability

Open Bug Bounty ID: OBB-500573 Description| Value ---|--- Affected Website:| espace-recettes.fr Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] Disclosure Standard:| Coordinated...

Security Advisory - CPU Vulnerabilities 'Meltdown' and 'Spectre'

Security researchers disclosed two groups of CPU vulnerabilities "Meltdown" and "Spectre". In some circumstances, a local attacker could exploit these vulnerabilities to read memory information belonging to other processes or other operating system kernel. (Vulnerability ID: HWPSIRT-2018-01001,...

Security Advisory - Two Vulnerabilities in CRYPTO module of Several Huawei Products

There is a buffer overflow vulnerability in the CRYPTO module of several Huawei products. An unauthenticated, local attacker could craft malformed file with a specific field that the length is longer than the maximum value. Due to insufficient validation of the inputs, successful exploit could...

Security Advisory - Memory Leak Vulnerability in Several Huawei products

There is a memory leak vulnerability in several Huawei products. An unauthenticated, remote attacker could craft malformed packets with specific parameters when connecting with the affect products by SFTP/SSH protocol. Due to insufficient validation of packets, successful exploit could cause a...

memograv.fr XSS vulnerability

Open Bug Bounty ID: OBB-472607 Description| Value ---|--- Affected Website:| memograv.fr Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] Remediation Guide:| OWASP XSS Prevention Cheat...

Security Advisory - Several Vulnerabilities in H323 Protocol of Huawei Products

There are three null pointer dereference vulnerabilities in H323 protocol of Huawei products. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products. Due to insufficient validation of packets, which could be exploited to cause process crash.....

CVE-2017-15318

RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote...

Design/Logic Flaw

RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote...

CVE-2017-15319

RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote...

Design/Logic Flaw

RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote...

Design/Logic Flaw

RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote...

CVE-2017-15320

RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote...

Security Advisory - Weak Cryptography Vulnerability in Some Huawei Products

Some Huawei products have a weak cryptography vulnerability. Due to not properly some values in the certificates, an unauthenticated remote attacker could forges a specific RSA certificate and exploits the vulnerability to pass identity authentication and logs into the target device to obtain...

Security Advisory - Multiple Input Validation Vulnerabilities in CIDAM Protocol on Huawei Products

The CIDAM Protocol on Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit could allow the attacker.....

Security Advisory - Remote Code Execution Vulnerability in Windows DNSAPI

Microsoft released a security advisory to disclose a remote code execution vulnerability in Windows Domain Name System (DNS) DNSAPI.dll. An unauthenticated, remote attacker would use a malicious DNS server to send corrupted DNS responses to the target. The attacker could exploit the vulnerability.....

Security Advisory - DoS Vulnerability in Timergrp Module of Some Huawei Products

There is an DoS vulnerability in Timergrp module of some Huawei products due to insufficient validation of the parameter. An authenticated local attacker may call a special API with special parameter, which cause an infinite loop. Successful exploit of this vulnerability can allow an attacker to...

Security Advisory - Out-Of-Bounds Read Vulnerability in Some Huawei Products

Some Huawei products have an out-of-bounds read vulnerability. An unauthenticated attacker may send specific crafted H.323 packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause device to reset. (Vulnerability ID: HWPSIRT-2017-06160) ...

Security Advisory - Information Disclosure Vulnerability in CIDAM Protocol on Huawei Products

Part of Huawei Products use the CIDAM protocol, which contains sensitive information in the message when it is implemented. So these products has an information disclosure vulnerability. An authenticated remote attacker could track and get the message of a target system. Successful exploit could...

Security Advisory - Two Remote Code Execution Vulnerabilities in Microsoft Windows

Microsoft released a security advisory to disclose a remote code execution vulnerability in Microsoft Server Message Block 1.0 (SMBv1). A remote attacker could send a specially crafted packet to a targeted SMBv1 server. The attacker could exploit the vulnerability to gain the ability to execute...

Security Advisory - Use of a Risky Cryptographic Algorithm Vulnerability on Several Products

There is a use of a broken or risky cryptographic algorithm vulnerability on several products. The software uses risky cryptographic algorithm in SSL. This is dangerous because a remote unauthenticated attacker could use well-known techniques to break the algorithm. Successful exploit could result....

Security Advisory - Multiple Vulnerabilities in Some Huawei Products

There are two buffer overflow vulnerabilities in some Huawei products. An unauthenticated, remote attacker may send specially crafted SIP packages to the affected products. Due to the insufficient validation of some values for SIP packages, successful exploit may cause services abnormal....

Security Advisory - Buffer Overflow Vulnerability in Some Huawei Products

There is buffer overflow vulnerability in some Huawei products. An unauthenticated, remote attacker may send specially crafted certificates to the affected products. Due to insufficient validation of the certificates, successful exploit may cause buffer overflow and some service abnormal....

Security Advisory - Multiple Vulnerabilities in Some Huawei Products

There is a memory leak vulnerability in some Huawei products. An authenticated, local attacker may craft a specific XML file to the affected products. Due to not free the memory to parse the XML file, successful exploit will result in memory leak of the affected products. (Vulnerability ID:...

Security Advisory - Resource Exhaustion Vulnerability on Several Products

There is a resource exhaustion vulnerability on several products. The software does not process certain field of H.323 message properly, a remote unauthenticated attacker could send crafted H.323 message to the device, successful exploit could cause certain service unavailable since the stack...

Security Advisory - Resource Management Errors Vulnerability in Some Huawei Products

The Light Directory Access Protocol (LDAP) clients of some Huawei products have a resource management errors vulnerability. An unauthenticated, remote attacker may make the LDAP server not respond to the client's request by controlling the LDAP server. Due to improper management of LDAP connection....

CVE-2017-17143

SIP module in Huawei DP300 V500R002C00; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; RSE6500 V500R002C00SPC100;...

CVE-2017-17137

PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...

Security Advisory - DoS Vulnerability in XML Parser of Some Huawei Products

XML parser has a DoS vulnerability in some Huawei products. Due to not check the specially XML file enough, an authenticated local attacker may craft specific XML files to the affected products and parse this file, which cause to null pointer accessing and result in DoS attacks. (Vulnerability ID:....

Security Advisory - Multiple Vulnerabilites in SIP Module on Huawei Products

There is an overflow vulnerability on the SIP module that attacker can exploit by sending a specially crafted SIP message, leading to a process reboot at random. (Vulnerability ID: HWPSIRT-2017-06044) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID:...

Security Advisory - DoS Vulnerability in Some Huawei Products

There is an DoS vulnerability in some Huawei products due to insufficient validation of the parameter when a putty comment key is loaded. An authenticated remote attacker can place a malformed putty key file in system, when a system manager load the key, an infinite loop happens which lead to...

CVE-2017-17131

Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V600R006C00; TE50 V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00; VP9660 V500R002C10 have an DoS vulnerability due to insufficient validation of the parameter when a putty comment key is loaded. An authenticated...

CVE-2017-17138

PEM module of DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10;....

CVE-2017-17142

SIP module in Huawei DP300 V500R002C00; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; RSE6500 V500R002C00SPC100;...

CVE-2017-17144

Backup feature of SIP module in Huawei DP300 V500R002C00; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; RSE6500...

Security Advisory - Input Validation Vulnerability in H323 Protocol of Huawei products

There is an insufficient validation vulnerability in some Huawei products. Since packet validation is insufficient, an unauthenticated attacker may send special H323 packets to exploit the vulnerability. Successful exploit could allow the attacker to send malicious packets and result in DOS...

Security Advisory - Denial of Service Vulnerability on Several Huawei Products

There is a denial of service vulnerability on several products. The software does not correctly calculate the rest size in a buffer when handling SSL connections. A remote unauthenticated attacker could send a lot of crafted SSL messages to the device, successful exploit could cause no space in...

CVE-2017-17136

PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...

Security Advisory - Multiple Vulnerabilities of PEM Module in Some Huawei Products

There is a null pointer reference vulnerability in PEM module of Huawei products due to insufficient verification. An authenticated local attacker calls PEM decoder with special parameter, which could cause a denial of service. (Vulnerability ID: HWPSIRT-2017-06047) This vulnerability has been...

CVE-2017-17135

PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...

CVE-2017-17134

XML parser in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has a DoS vulnerability. Due to not check the specially XML file enough....

Security Advisory - Buffer Overflow Vulnerability in Some Huawei Products

There is a buffer overflow vulnerability in the Common Open Policy Service Protocol (COPS) module of some Huawei products. An unauthenticated, remote attacker could exploit this vulnerability by sending specially crafted message to the affected products. The vulnerability is due to insufficient...

Security Advisory - Memory Leak Vulnerability in Several Huawei Products

There is a memory leak vulnerability in several Huawei products. The software does not release allocated memory properly when parse XML Schema data. An authenticated attacker could upload a crafted XML file, successful exploit could cause the system service abnormal since run out of memory....

Security Advisory - Multiple Buffer Overflow Vulnerabilities in Some Huawei Products

There are three buffer overflow vulnerabilities in the SIP backup feature of some Huawei products. An attacker may send specially crafted messages to the affected products. Due to the insufficient validation of some values for SIP messages, successful exploit may cause services abnormal....

Security Advisory - DoS Vulnerability in Some Huawei Products

There is a DoS vulnerability caused by memory exhaustion in some Huawei products. For insufficient input validation, attackers can craft and send some malformed messages to the target device to exhaust the memory of the device and cause a Denial of Service (DoS). (Vulnerability ID:...

Security Advisory - Two Vulnerabilities in H323 protocol of Huawei Products

There is an out-of-bounds read vulnerability in H323 protocol of Huawei products. An unauthenticated, remote attacker may send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot. (Vulnerability ID:...

Security Advisory - Denial of Service Vulnerability on Several Products

There is a denial of service vulnerability on several products. The software decodes X.509 certificate in an improper way. A remote unauthenticated attacker could send a crafted X.509 certificate to the device. Successful exploit could result in a denial of service on the device. (Vulnerability...

Security Advisory - Memory Leak Vulnerability in Some Huawei Products

Some Huawei products have a memory leak vulnerability due to memory don't be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions. (Vulnerability ID: HWPSIRT-2017-08151) This vulnerability has been...

Security Advisory - Multiple NTPd Vulnerabilities in Huawei Products

Multiple denial of service vulnerabilities were disclosed on Network Time Protocol (NTP) offical website. Attackers can exploit these vulnerabilities to cause a denial of service (DoS) condition. If trap service is enabled, an attacker can exploit this vulnerabilityc by sending a specially crafted....

espace-emploi.ch XSS vulnerability

Open Bug Bounty ID: OBB-440437 Description| Value ---|--- Affected Website:| espace-emploi.ch Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] Remediation Guide:| OWASP XSS Prevention...