Ar1200, Ar160, Ar200, Ar2200, Ar3200 Security Vulnerabilities

Design/Logic Flaw

Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software.....

CVE-2016-8797

Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software.....

CVE-2016-6206

Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted...

CVE-2016-6206

Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted...

Code injection

Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted...

CVE-2016-6206

Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted...

Security Advisory - Sixteen OpenSSL Vulnerabilities on Some Huawei products

Statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitrary code via a crafted TLS session. (Vulnerability ID: HWPSIRT-2016-09065) This vulnerability has...

CVE-2016-6901

Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers with software before V200R007C00SPC900 allows remote authenticated users to cause a denial of service....

CVE-2016-6901

Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers with software before V200R007C00SPC900 allows remote authenticated users to cause a denial of service....

Format string

Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers with software before V200R007C00SPC900 allows remote authenticated users to cause a denial of service....

CVE-2016-6901

Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers with software before V200R007C00SPC900 allows remote authenticated users to cause a denial of service....

Security Advisory - Uncontrolled Format String Vulnerability on Multiple Products

Several Huawei routers and switches have an uncontrolled format string vulnerability when processing partial commands. An authenticated attacker could exploit this vulnerability to cause a denial of service. (Vulnerability ID: HWPSIRT-2016-07011) This vulnerability has been assigned Common...

Security Advisory - IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability

There is a vulnerability in the IP Version 6 (IPv6) Neighbor Discovery packet process of multiple products, successful exploit could allow an unauthenticated, remote attacker to cause an affected device to start dropping legitimate IPv6 neighbors as legitimate ND times out, leading to a denial of.....

Security Advisory - Input Validation Vulnerability in Huawei Routers

There is an input validation vulnerability in Huawei access routers, an attacker may exploit this vulnerability by crafting a malformed packet and sending it to the device. An exploit could allow the attacker to cause a Denial of Service or remote code execution. (Vulnerability ID:...

CVE-2016-5368

Memory leak in Huawei AR3200 before V200R007C00SPC900 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted Multiprotocol Label Switching (MPLS)...

CVE-2016-5368

Memory leak in Huawei AR3200 before V200R007C00SPC900 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted Multiprotocol Label Switching (MPLS)...

Memory corruption

Memory leak in Huawei AR3200 before V200R007C00SPC900 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted Multiprotocol Label Switching (MPLS)...

CVE-2016-5368

Memory leak in Huawei AR3200 before V200R007C00SPC900 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted Multiprotocol Label Switching (MPLS)...

Security Advisory - Memory Leak Vulnerability in Some Huawei Products

Some Huawei products have a memory leak vulnerability. When the packet processing module of the device processes abnormal Multiprotocol Label Switching (MPLS) packets sent by attackers, the module repeatedly applies for memory, resulting in memory exhaustion in persistent attacks. (Vulnerability...

CVE-2016-3950

Huawei AR3200 routers with software before V200R006C10SPC300 allow remote authenticated users to cause a denial of service (restart) via crafted...

CVE-2016-3950

Huawei AR3200 routers with software before V200R006C10SPC300 allow remote authenticated users to cause a denial of service (restart) via crafted...

Code injection

Huawei AR3200 routers with software before V200R006C10SPC300 allow remote authenticated users to cause a denial of service (restart) via crafted...

CVE-2016-3950

Huawei AR3200 routers with software before V200R006C10SPC300 allow remote authenticated users to cause a denial of service (restart) via crafted...

Security Advisory - Input Validation Vulnerability in Huawei AR3200

There is an input validation vulnerability in Huawei AR3200, which allows an attacker who logs into the device to send malformed packets, causing the AR3200 occasionally restart and a Denial of Service. (Vulnerability ID: HWPSIRT-2015-10047) This vulnerability has been assigned Common...

Security Advisory - GNU Glibc Buffer Overflow Security Vulnerability

Google security research team disclosed a buffer overflow vulnerability in GNU C library (glibc) (CVE-2015-7547) on February 16, 2016, remote attackers can exploit the vulnerability to execute arbitrary code on an affected device. (Vulnerability ID: HWPSIRT-2016-02018) This vulnerability has been.....

Security Advisory - GNU Glibc Buffer Overflow Security Vulnerability

Google security research team disclosed a buffer overflow vulnerability in GNU C library (glibc) (CVE-2015-7547) on February 16, 2016, remote attackers can exploit the vulnerability to execute arbitrary code on an affected device. (Vulnerability ID: HWPSIRT-2016-02018) This vulnerability has been.....

Security Advisory - Chunked HTTP Packet L7-Parsing Vulnerability in Huawei Products

There is a vulnerability in several Huawei products: AR series, NetEngine16EX and SRG series. If the Layer 7 HTTP chunked packet paring function is enabled on these devices, an attacker could exploit the vulnerability to craft a special HTTP chunked packet and send it to the target device to cause....

多款Huawei路由器信息泄露漏洞

Summary The CF cards on some Huawei switches and ARs contain some sensitive information in plaintext. Once an attacker gets such a CF card, it may result in the leak of sensitive information (HWPSIRT-2015-07048). This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID:...

CVE-2015-8228

Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V200R006SPH003 allows remote authenticated users to access arbitrary directories via unspecified...

Security Advisory - Directory Traversal Vulnerability in Huawei AR Router

The AR router has a directory traversal vulnerability when serving as an SFTP server. An attacker can log in to the AR router and traverse FTP server directories to access unauthorized directories, leading to information leaks. (Vulnerability ID: HWPSIRT-2015-09029) This vulnerability has been...

Security Advisory - Stagefright Vulnerability in Multiple Huawei Android Products

The Stagefright media player engine in Android OS has multiple vulnerabilities, which can be exploited to remotely execute code in affected devices. (Vulnerability ID: HWPSIRT-2015-07056, HWPSIRT-2015-07057, HWPSIRT-2015-07058, HWPSIRT-2015-07059, HWPSIRT-2015-07060, HWPSIRT-2015-07061 and...

Security Advisory - CF Card Information Leak Vulnerability on Multiple Huawei Products

The CF cards on some Huawei switches and ARs contain some sensitive information in plaintext. Once an attacker gets such a CF card, it may result in the leak of sensitive information (HWPSIRT-2015-07048). Currently, official fixes are...

Security Advisory - Glibc Buffer Overflow Vulnerability

Huawei noticed that Qualys had disclosed the buffer overflow in the GNU C Library (glibc) on January 27th, 2015, Applications call various gethostbyname function are affected and attackers can exploit this vulnerability to perform remote code execution. (Vulnerability ID: HWPSIRT-2015-01045) This.....

Security Advisory-SSLv3 POODLE Vulnerability in Huawei Products

The SSLv3 protocol supported by some Huawei products has the so-called Padding Oracle On Downgraded Legacy Encryption (POODLE) vulnerability. The attacker can launch a man-in-the-middle attack to manipulate the TLS negotiation process so that the communication parties use SSLv3, which has...

Huawei AR Router Remote Command Execution (HWNSIRT-2013-0427)

The remote host is a Huawei device running a firmware version that is affected by a remote command execution vulnerability due to a flaw in the SNMPv3 component. A remote, unauthenticated attacker can exploit this vulnerability by sending malformed SNMPv3 messages to execute arbitrary...

Huawei Device DoS (HWPSIRT-2014-0307)

The remote host is a Huawei device running a firmware version that is affected by a denial of service vulnerability due to a flaw in the RADIUS component. A remote, authenticated attacker could exploit this vulnerability by sending malformed RADIUS packets to cause a device...

Huawei eSap Platform DoS (HWPSIRT-2014-0111)

The remote host is a Huawei device running a firmware version that is affected by a denial of service vulnerability. The issue stems from a heap overflow vulnerability in the firmware. A remote, unauthenticated attacker could exploit this vulnerability by sending malformed packets to cause...

Security Advisory-A DoS Vulnerability in the SSH Module on Huawei AR Router

On Some Huawei AR routers that receive a large number of SSH authentication attack packets with malformed data, legitimate users fail to log in through SSH. Attackers can construct massive attack packets to cause the AR routers to deny SSH login from legitimate users. (HWPSIRT-2013-1255). This...

Security Advisory - SNMP vulnerability on Huawei multiple products

In some of Huawei products as affected products list below, there are MIBs which support the query of the local user account and password. However, the security authentication protection for SNMP V1 and V2 is not enough, which leads to the risk that the user account and password can be disclosed...