CVE-2021-22378

There is a race condition vulnerability in eCNS280TD V100R005C00 and V100R005C10. There is a timing window exists in which the database can be operated by another thread that is operating concurrently. Successful exploit may cause the affected device abnormal...

EUVD-2021-9524

Malicious code in bioql PyPI...

Information disclosure

There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280TD V100R005C00 and V100R005C10. Due to the improperly storage of specific information in the log file, the attacker can obtain the information when a user logs in to the device. Successful exploit may cause the informati...

eCNS280 code issue vulnerability

Huawei eCNS280 is the core network equipment of Huawei's wireless broadband trunking system in China. In addition to providing traditional core network functions, it also provides network elements with capacity configurations based on actual applications by virtualizing network element functions...

CVE-2021-22338

The CVE-2021-22338 entry concerns an XXE injection in Huawei eCNS280, specifically versions V100R005C00 and V100R005C10. The underlying issue is that a module does not strictly validate input XML, allowing an attacker to craft messages that trigger denial of service. Public details in connected d...

eCNS280 代码问题漏洞

Huawei eCNS280 is the core network equipment of Huawei's wireless broadband trunking system in China. In addition to providing traditional core network functions, it also provides network elements with capacity configurations based on actual applications by virtualizing network element functions...

CVE-2021-22378

There is a race condition vulnerability in eCNS280TD V100R005C00 and V100R005C10. There is a timing window exists in which the database can be operated by another thread that is operating concurrently. Successful exploit may cause the affected device abnormal...

CVE-2021-22378

There is a race condition vulnerability in eCNS280TD V100R005C00 and V100R005C10. There is a timing window exists in which the database can be operated by another thread that is operating concurrently. Successful exploit may cause the affected device abnormal...

Race condition

There is a race condition vulnerability in eCNS280TD V100R005C00 and V100R005C10. There is a timing window exists in which the database can be operated by another thread that is operating concurrently. Successful exploit may cause the affected device abnormal...

CVE-2021-22378

Summary: CVE-2021-22378 corresponds to a race-condition vulnerability in Huawei eCNS280_TD devices (V100R005C00 and V100R005C10). The underlying issue is a timing window in which a database can be operated by another thread concurrently, potentially causing abnormal device behavior. Affected comp...

CVE-2021-22378

There is a race condition vulnerability in eCNS280TD V100R005C00 and V100R005C10. There is a timing window exists in which the database can be operated by another thread that is operating concurrently. Successful exploit may cause the affected device abnormal...

CVE-2021-22292

There is a denial of service DoS vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS...

CVE-2021-22292

There is a denial of service DoS vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS...

Denial of service

There is a denial of service DoS vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS...

CVE-2021-22292

There is a denial of service DoS vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS...

CVE-2021-22292

The CVE-2021-22292 entry concerns Huawei eCNS280 core network equipment affected by DoS due to a design defect. The issue occurs when remote, unauthenticated attackers send a large number of specific messages to affected devices, leading to system resource exhaustion and web application DoS. Affe...

CVE-2021-22300

There is an information leak vulnerability in eCNS280TD versions V100R005C00 and V100R005C10. A command does not have timeout exit mechanism. Temporary file contains sensitive information. This allows attackers to obtain information by inter-process access that requires other methods...

Huawei eCNS280 安全漏洞

Huawei eCNS280 is the core network equipment of Huawei's wireless broadband trunking system. In addition to providing the network functions of a traditional core network, it also virtualizes the functions of network elements and shares standardized hardware resources among multiple network elemen...

Huawei 1288H V5 and 2288H V5 JSON Injection Vulnerability

The Huawei 1288H V5 and 2288H V5 are both rackmount server units from Huawei, a Chinese company. A security vulnerability exists in Huawei 1288H V5 and 2288H V5 version V100R005C00, which originates from the program failing to adequately validate input. A remote attacker can exploit the...

Design/Logic Flaw

Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Due to insufficient verification of the input, this could be exploited to obtain the management...