Lucene search
+L

143 matches found

Prion
Prion
added 2018/03/09 5:29 p.m.23 views

Design/Logic Flaw

Huawei DP300 V500R002C00 have a DoS vulnerability due to the lack of validation when the malloc is called. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks...

4.9CVSS5.8AI score0.00194EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/03/09 5:29 p.m.5 views

CVE-2017-17148

Huawei DP300 V500R002C00 have a DoS vulnerability due to the lack of validation when the malloc is called. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks...

5.5CVSS5.8AI score0.00194EPSS
Exploits0References1
Prion
Prion
added 2018/03/09 5:29 p.m.18 views

Buffer overflow

Huawei DP300 V500R002C00 have a buffer overflow vulnerability due to the lack of validation. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks or remote code execution on the device...

7.2CVSS8AI score0.00578EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/03/09 5:29 p.m.18 views

Integer overflow

Huawei DP300 V500R002C00 have an integer overflow vulnerability due to the lack of validation. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks...

4.9CVSS6AI score0.00211EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/03/09 5:29 p.m.5 views

CVE-2017-17146

Huawei DP300 V500R002C00 have a buffer overflow vulnerability due to the lack of validation. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks or remote code execution on the device...

7.8CVSS6.6AI score0.00578EPSS
Exploits0References1
Prion
Prion
added 2018/03/09 5:29 p.m.28 views

Design/Logic Flaw

Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use of a broken or risky cryptographic algorithm vulnerability. The software uses risky cryptographic algorithm in SSL. This is dangerous because a remote unauthenticated attacker could use well-known...

4.3CVSS5.7AI score0.00652EPSS
Exploits0References2Affected Software3
NVD
NVD
added 2018/03/09 5:29 p.m.21 views

CVE-2017-17147

Huawei DP300 V500R002C00 have an integer overflow vulnerability due to the lack of validation. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks...

5.5CVSS6.1AI score0.00211EPSS
Exploits0References1
Prion
Prion
added 2018/03/09 5:29 p.m.18 views

Information disclosure

Huawei DP300 V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00B012; V500R002C00B013; V500R002C00B014; V500R002C00B017; V500R002C00B018; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900;...

4CVSS4.8AI score0.00772EPSS
Exploits0References1Affected Software6
Prion
Prion
added 2018/03/09 5:29 p.m.25 views

Input validation

The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit could allow the...

5.5CVSS6.5AI score0.0075EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/03/09 5:29 p.m.21 views

CVE-2017-17170

The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit could allow the...

6.5CVSS6.5AI score0.0075EPSS
Exploits0References1
Prion
Prion
added 2018/03/09 5:29 p.m.20 views

Input validation

SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid memory access vulnerabilities. An unauthenticated, remote...

5CVSS5.4AI score0.00909EPSS
Exploits0References1Affected Software6
NVD
NVD
added 2018/03/09 5:29 p.m.23 views

CVE-2017-17148

Huawei DP300 V500R002C00 have a DoS vulnerability due to the lack of validation when the malloc is called. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks...

5.5CVSS5.9AI score0.00194EPSS
Exploits0References1
OSV
OSV
added 2018/03/09 5:29 p.m.5 views

CVE-2017-17147

Huawei DP300 V500R002C00 have an integer overflow vulnerability due to the lack of validation. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks...

5.5CVSS5.8AI score0.00211EPSS
Exploits0References1
OSV
OSV
added 2018/03/09 5:29 p.m.5 views

CVE-2017-17167

Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use of a broken or risky cryptographic algorithm vulnerability. The software uses risky cryptographic algorithm in SSL. This is dangerous because a remote unauthenticated attacker could use well-known...

5.9CVSS5.8AI score0.00652EPSS
Exploits0References2
NVD
NVD
added 2018/03/09 5:29 p.m.29 views

CVE-2017-17167

Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use of a broken or risky cryptographic algorithm vulnerability. The software uses risky cryptographic algorithm in SSL. This is dangerous because a remote unauthenticated attacker could use well-known...

5.9CVSS5.7AI score0.00652EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/03/09 5:0 p.m.23 views

CVE-2017-17220

SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid memory access vulnerabilities. An unauthenticated, remote...

5.4AI score0.00909EPSS
Exploits0References1
CVE
CVE
added 2018/03/09 5:0 p.m.46 views

CVE-2017-17146

CVE-2017-17146 affects Huawei DP300 V500R002C00. The vulnerability is a buffer overflow in the XML parser caused by insufficient input validation. An authenticated local attacker can craft specific XML payloads to the device, which may lead to DoS or remote code execution. The issue is documented...

7.8CVSS7.9AI score0.00578EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/03/09 5:0 p.m.49 views

CVE-2017-17148

Summary: CVE-2017-17148 affects Huawei DP300 V500R002C00. The issue is a DoS caused by lack of validation when malloc is called during XML parsing; an authenticated local attacker can craft specific XML files to trigger parsing and cause a denial of service. This is a local, low-privilege vector ...

5.5CVSS5.2AI score0.00194EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/03/09 5:0 p.m.20 views

CVE-2017-17219

SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid memory access vulnerabilities. An unauthenticated, remote...

5.4AI score0.00909EPSS
Exploits0References1
CVE
CVE
added 2018/03/09 5:0 p.m.56 views

CVE-2017-17217

The CVE-2017-17217 issue affects Huawei MGCP on DP300, RP200, TE/V series devices (e.g., DP300 V500R002C00; V600R006C00; TE30/TE40/TE50/TE60 V100R001C10/V500R002C00/V600R006C00) with an out-of-bounds write due to insufficient validation of crafted packets. An unauthenticated remote attacker can s...

5.9CVSS5.9AI score0.00977EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder