CVE-2021-22378

There is a race condition vulnerability in eCNS280TD V100R005C00 and V100R005C10. There is a timing window exists in which the database can be operated by another thread that is operating concurrently. Successful exploit may cause the affected device abnormal...

EUVD-2021-9524

Malicious code in bioql PyPI...

CVE-2021-39995

Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerability that could lead to a denial of service. Affected product versions include: eCNS280TD V100R005C10; eSE620X vESS V100R001C10SPC200,...

Information disclosure

There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280TD V100R005C00 and V100R005C10. Due to the improperly storage of specific information in the log file, the attacker can obtain the information when a user logs in to the device. Successful exploit may cause the informati...

eCNS280 code issue vulnerability

Huawei eCNS280 is the core network equipment of Huawei's wireless broadband trunking system in China. In addition to providing traditional core network functions, it also provides network elements with capacity configurations based on actual applications by virtualizing network element functions...

CVE-2021-22338

The CVE-2021-22338 entry concerns an XXE injection in Huawei eCNS280, specifically versions V100R005C00 and V100R005C10. The underlying issue is that a module does not strictly validate input XML, allowing an attacker to craft messages that trigger denial of service. Public details in connected d...

eCNS280 代码问题漏洞

Huawei eCNS280 is the core network equipment of Huawei's wireless broadband trunking system in China. In addition to providing traditional core network functions, it also provides network elements with capacity configurations based on actual applications by virtualizing network element functions...

CVE-2021-22378

There is a race condition vulnerability in eCNS280TD V100R005C00 and V100R005C10. There is a timing window exists in which the database can be operated by another thread that is operating concurrently. Successful exploit may cause the affected device abnormal...

CVE-2021-22378

There is a race condition vulnerability in eCNS280TD V100R005C00 and V100R005C10. There is a timing window exists in which the database can be operated by another thread that is operating concurrently. Successful exploit may cause the affected device abnormal...

Race condition

There is a race condition vulnerability in eCNS280TD V100R005C00 and V100R005C10. There is a timing window exists in which the database can be operated by another thread that is operating concurrently. Successful exploit may cause the affected device abnormal...

CVE-2021-22378

Summary: CVE-2021-22378 corresponds to a race-condition vulnerability in Huawei eCNS280_TD devices (V100R005C00 and V100R005C10). The underlying issue is a timing window in which a database can be operated by another thread concurrently, potentially causing abnormal device behavior. Affected comp...

CVE-2021-22378

There is a race condition vulnerability in eCNS280TD V100R005C00 and V100R005C10. There is a timing window exists in which the database can be operated by another thread that is operating concurrently. Successful exploit may cause the affected device abnormal...

CVE-2021-22292

There is a denial of service DoS vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS...

CVE-2021-22292

There is a denial of service DoS vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS...

Denial of service

There is a denial of service DoS vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS...

CVE-2021-22292

There is a denial of service DoS vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS...

CVE-2021-22292

The CVE-2021-22292 entry concerns Huawei eCNS280 core network equipment affected by DoS due to a design defect. The issue occurs when remote, unauthenticated attackers send a large number of specific messages to affected devices, leading to system resource exhaustion and web application DoS. Affe...

CVE-2021-22300

There is an information leak vulnerability in eCNS280TD versions V100R005C00 and V100R005C10. A command does not have timeout exit mechanism. Temporary file contains sensitive information. This allows attackers to obtain information by inter-process access that requires other methods...

Huawei eCNS280 安全漏洞

Huawei eCNS280 is the core network equipment of Huawei's wireless broadband trunking system. In addition to providing the network functions of a traditional core network, it also virtualizes the functions of network elements and shares standardized hardware resources among multiple network elemen...

CVE-2016-8782

Huawei CloudEngine 12800 firmware versions V100R003C00, V100R003C10, V100R005C00, V100R005C10, and V100R006C00 are affected by a memory-leak vulnerability in the LDP processing path caused by improper validation of certain fields in LDP packets. An unauthenticated attacker can repeatedly send cra...