Huawei Multiple Products H323 Protocol Null Pointer Reference Vulnerability (CNVD-2018-08041)

AR120-S, AR1200, DP300, RSE6500, Secospace USG6300, ViewPoint 8660 are all network equipment from Huawei China. A null pointer reference vulnerability exists in the H323 protocol of various Huawei products, which allows an attacker to send malformed messages to the affected devices without...

CVE-2017-17217

Media Gateway Control Protocol MGCP in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds write vulnerability. An...

CVE-2017-17148

Huawei DP300 V500R002C00 have a DoS vulnerability due to the lack of validation when the malloc is called. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks...

CVE-2017-17167

Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use of a broken or risky cryptographic algorithm vulnerability. The software uses risky cryptographic algorithm in SSL. This is dangerous because a remote unauthenticated attacker could use well-known...

CVE-2017-17146

Huawei DP300 V500R002C00 have a buffer overflow vulnerability due to the lack of validation. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks or remote code execution on the device...

CVE-2017-17147

Huawei DP300 V500R002C00 have an integer overflow vulnerability due to the lack of validation. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks...

CVE-2017-17183

Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an integer overflow vulnerability. Due to insufficient input validation, an...

CVE-2017-15356

Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00, V600R006C00 have a buffer overflow vulnerability. An attacker may send specially...

Integer Overflow Vulnerability in Multiple Huawei Products

Huawei DP300, RP200, TE series, etc. are all-in-one desktop SmartZen and all-in-one video conferencing terminal products of Huawei China Company. An integer overflow vulnerability exists in multiple Huawei products, which is due to the device failing to adequately validate some fields in a messag...

MGCP protocol out-of-bounds read vulnerability in multiple Huawei products

Huawei DP300, RP200, TE series, etc. are all-in-one desktop SmartZen and all-in-one video conferencing terminal products of Huawei China Company. An out-of-bounds read vulnerability exists in the MGCP protocol of several Huawei products, which is due to the program's failure to adequately verify...

Multiple Huawei products CIDAM protocol information leakage vulnerability

Huawei DP300 etc. are products of Huawei, China.DP300 is a videoconferencing terminal.RP200 is an all-in-one videoconferencing device.CIDAM is one of the message transfer protocols. An information disclosure vulnerability exists in the CIDAM protocol in several Huawei products due to the...

Huawei DP300 CIDAM Protocol Input Validation Vulnerability (CNVD-2017-38105)

Huawei DP300 is a video conferencing terminal from Huawei, China.CIDAM is one of the messaging protocols. An input validation vulnerability exists in the CIDAM protocol in the Huawei DP300 due to the program failing to adequately validate specific information. A remote attacker could exploit this...

Huawei DP300 CIDAM Protocol Input Checksum Vulnerability (CNVD-2017-38106)

Huawei DP300 is a video conferencing terminal from Huawei, China.CIDAM is one of the messaging protocols. An input validation vulnerability exists in the CIDAM protocol in the Huawei DP300 due to the program failing to adequately validate specific information. A remote attacker could exploit this...

Huawei DP300 XML Parser Buffer Overflow Vulnerability

Huawei DP300 is a video conferencing endpoint from Huawei, a Chinese company. A buffer overflow vulnerability exists in the Huawei DP300 XML parser due to the XML parser failing to adequately validate incoming content. An authenticated local attacker can construct a specific XML file and parse it...

Huawei DP300 XML Parser Integer Overflow Vulnerability

Huawei DP300 is a video conferencing endpoint from Huawei, a Chinese company. An integer overflow vulnerability exists in the Huawei DP300 XML parser due to the XML parser failing to adequately validate incoming content. An authenticated, local attacker could launch a denial of service attack by...

Huawei DP300 XML Parser Denial of Service Vulnerability

Huawei DP300 is a video conferencing endpoint from Huawei, a Chinese company. A denial of service vulnerability exists in the Huawei DP300 XML parser due to the product's failure to adequately checksum the malloc call to request memory. An authenticated, local attacker could launch a denial of...