Ac6005,ac6605 Security Vulnerabilities

Huawei Data Communication: DoS Vulnerability in Some Huawei Products (huawei-sa-20170517-01-ac)

There is a DoS Vulnerability in some Huawei...

Huawei Data Communication: Integer Overflow Vulnerability in the Linux Kernel (SACK Panic) (huawei-sa-20191204-01-kernel)

Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments...

Huawei Data Communication: Sixteen OpenSSL Vulnerabilities on Some Huawei products (huawei-sa-20170322-01-openssl)

Statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc...

Huawei Data Communication: Dirty COW Vulnerability in Huawei Products (huawei-sa-20161207-01-dirtycow)

In the morning of October 21th, 2016, a security researcher Phil Oester disclosed a local privilege escalation vulnerability in Linux kernel. This VT has been deprecated and is therefore no longer...

Huawei Data Communication: Multiple OpenSSL Vulnerabilities in January 2017 (huawei-sa-20170503-01-openssl)

On January 26, 2017, the OpenSSL Software Foundation released a security advisory that included three new...

Huawei Data Communication: MaxAge LSA Vulnerability in OSPF Protocol of Some Huawei Products (huawei-sa-20170720-01-ospf)

Some Huawei products have a MaxAge LSA vulnerability due to improper OSPF...

Security Advisory - Integer Overflow Vulnerability in the Linux Kernel (SACK Panic)

An integer overflow vulnerability was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. A remote attacker could use this to cause a denial of service. (Vulnerability ID: HWPSIRT-2019-06130) This vulnerability has been assigned a Common....

CVE-2014-4705

Multiple heap-based buffer overflows in the eSap software platform in Huawei Campus S9300, S7700, S9700, S5300, S5700, S6300, and S6700 series switches; AR150, AR160, AR200, AR1200, AR2200, AR3200, AR530, NetEngine16EX, SRG1300, SRG2300, and SRG3300 series routers; and WLAN AC6005, AC6605, and...

Heap overflow

Multiple heap-based buffer overflows in the eSap software platform in Huawei Campus S9300, S7700, S9700, S5300, S5700, S6300, and S6700 series switches; AR150, AR160, AR200, AR1200, AR2200, AR3200, AR530, NetEngine16EX, SRG1300, SRG2300, and SRG3300 series routers; and WLAN AC6005, AC6605, and...

CVE-2014-4705

Multiple heap-based buffer overflows in the eSap software platform in Huawei Campus S9300, S7700, S9700, S5300, S5700, S6300, and S6700 series switches; AR150, AR160, AR200, AR1200, AR2200, AR3200, AR530, NetEngine16EX, SRG1300, SRG2300, and SRG3300 series routers; and WLAN AC6005, AC6605, and...

CVE-2014-4705

Multiple heap-based buffer overflows in the eSap software platform in Huawei Campus S9300, S7700, S9700, S5300, S5700, S6300, and S6700 series switches; AR150, AR160, AR200, AR1200, AR2200, AR3200, AR530, NetEngine16EX, SRG1300, SRG2300, and SRG3300 series routers; and WLAN AC6005, AC6605, and...

CVE-2017-8147

AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00,...

CVE-2017-8147

AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00,...

CVE-2017-2700

AC6005 with software V200R006C10, AC6605 with software V200R006C10 have a DoS Vulnerability. An attacker can send malformed packets to the device, which causes the device memory leaks, leading to DoS...

CVE-2017-2700

AC6005 with software V200R006C10, AC6605 with software V200R006C10 have a DoS Vulnerability. An attacker can send malformed packets to the device, which causes the device memory leaks, leading to DoS...

Design/Logic Flaw

AC6005 with software V200R006C10, AC6605 with software V200R006C10 have a DoS Vulnerability. An attacker can send malformed packets to the device, which causes the device memory leaks, leading to DoS...

Input validation

AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00,...

CVE-2017-8147

AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00,...

CVE-2017-2700

AC6005 with software V200R006C10, AC6605 with software V200R006C10 have a DoS Vulnerability. An attacker can send malformed packets to the device, which causes the device memory leaks, leading to DoS...

Security Advisory - MaxAge LSA Vulnerability in OSPF Protocol of Some Huawei Products

Some Huawei products have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS (Link Status) age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack....

CVE-2015-6586

The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with software before V200R006C00SPC100 allows remote attackers to obtain sensitive information by leveraging failure to restrict processing of mDNS unicast queries to the link local...

CVE-2015-6586

The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with software before V200R006C00SPC100 allows remote attackers to obtain sensitive information by leveraging failure to restrict processing of mDNS unicast queries to the link local...

Design/Logic Flaw

The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with software before V200R006C00SPC100 allows remote attackers to obtain sensitive information by leveraging failure to restrict processing of mDNS unicast queries to the link local...

CVE-2015-6586

The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with software before V200R006C00SPC100 allows remote attackers to obtain sensitive information by leveraging failure to restrict processing of mDNS unicast queries to the link local...

Security Advisory - DoS Vulnerability in Some Huawei Products

There is a DoS Vulnerability in some Huawei products. Due to the lack of adequate input validation, the attacker can send malformed packets to the device, which causes the device memory leaks, leading to DoS attacks. (Vulnerability ID: HWPSIRT-2017-02118) This vulnerability has been assigned a...

Security Advisory - Three OpenSSL Vulnerabilities in Huawei Products

On January 26, 2017, the OpenSSL Software Foundation released a security advisory that included three new vulnerabilities. If a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client...

CVE-2014-8572

Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R001C00; ACU with software V200R002C00; S2300, S3300, S2700, S3700 with software V100R006C05 and earlier versions; S5300, S5700, S6300, S6700 with software V100R006, V200R001, V200R002, V200R003,...

Input validation

Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R001C00; ACU with software V200R002C00; S2300, S3300, S2700, S3700 with software V100R006C05 and earlier versions; S5300, S5700, S6300, S6700 with software V100R006, V200R001, V200R002, V200R003,...

CVE-2014-8572

Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R001C00; ACU with software V200R002C00; S2300, S3300, S2700, S3700 with software V100R006C05 and earlier versions; S5300, S5700, S6300, S6700 with software V100R006, V200R001, V200R002, V200R003,...

CVE-2014-8572

Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R001C00; ACU with software V200R002C00; S2300, S3300, S2700, S3700 with software V100R006C05 and earlier versions; S5300, S5700, S6300, S6700 with software V100R006, V200R001, V200R002, V200R003,...

Security Advisory - Sixteen OpenSSL Vulnerabilities on Some Huawei products

Statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitrary code via a crafted TLS session. (Vulnerability ID: HWPSIRT-2016-09065) This vulnerability has...

Security Advisory - Dirty COW Vulnerability in Huawei Products

In the morning of October 21th, 2016, a security researcher Phil Oester disclosed a local privilege escalation vulnerability in Linux kernel. A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An.....

CVE-2016-6824

Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200 allows remote authenticated users to cause a denial of service (device restart) via crafted CAPWAP...

CVE-2016-6824

Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200 allows remote authenticated users to cause a denial of service (device restart) via crafted CAPWAP...

Code injection

Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200 allows remote authenticated users to cause a denial of service (device restart) via crafted CAPWAP...

CVE-2016-6824

Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200 allows remote authenticated users to cause a denial of service (device restart) via crafted CAPWAP...

Security Advisory - Input Validation Vulnerability in Huawei Access Controllers

There is an input validation vulnerability in Huawei access controllers (AC). Due to the lack of input validation, an attacker may craft malformed Control And Provisioning of Wireless Access Points (CAPWAP) protocol packets and send them to the device, causing the device to restart. (Vulnerability....

Security Advisory - mDNS Message Improper Handling Vulnerability in Huawei WLAN AC Products

The mDNS module in Huawei WLAN AC products improperly processes mDNS packets and responds to mDNS unicast queries from outside the link local network (e.g., the WAN), leading to information leaks.(Vulnerability ID: HWPSIRT-2015-03024) The CVE No. of the vulnerability is...

Huawei SSH DoS (HWPSIRT-2014-0701)

The remote device is a Huawei router running a firmware version that is affected by a denial of service vulnerability in its SSH server service. A remote, unauthenticated attacker can leverage this flaw to deny access to the device via a specially crafted SSH login...

Security Advisory-SSLv3 POODLE Vulnerability in Huawei Products

The SSLv3 protocol supported by some Huawei products has the so-called Padding Oracle On Downgraded Legacy Encryption (POODLE) vulnerability. The attacker can launch a man-in-the-middle attack to manipulate the TLS negotiation process so that the communication parties use SSLv3, which has...

Security Advisory-VRP SSH Denial of Service Vulnerability

The SSH of the VRP has an input verification issue. Remote attackers can send a special SSH packet to the device to cause a denial of service (Vulnerability ID: HWPSIRT-2014-0701). This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID:...