CVE-2026-34553 iccDEV: DoS in CIccCLUT::Iterate() & CIccMBB::Describe()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a defect in LUT dump/iteration logic affecting CIccCLUT::Iterate and output produced by CIccMBB::Describe via CLUT dumping. This issue has been patched in version 2.3.1....

EUVD-2017-8484

Malware in sbrugna...

CVE-2017-17318

Huawei MBB Mobile Broadband products E5771h-937 with the versions before E5771h-937TCPU-V200R001B328D62SP00C1133 and the versions before E5771h-937TCPU-V200R001B329D05SP00C1308 have a Denial of Service DoS vulnerability. When an attacker accessing device sends special http request to device, the...

CVE-2017-17318

Huawei MBB devices E5771h-937 and E5771h-937TCPU variants (before E200R001B328D62SP00C1133 and before E200R001B329D05SP00C1308, respectively) are affected by CVE-2017-17318. The DoS arises when a crafted HTTP request causes the device’s web server to exhaust memory, potentially making the device ...

CVE-2017-17318

Huawei MBB Mobile Broadband products E5771h-937 with the versions before E5771h-937TCPU-V200R001B328D62SP00C1133 and the versions before E5771h-937TCPU-V200R001B329D05SP00C1308 have a Denial of Service DoS vulnerability. When an attacker accessing device sends special http request to device, the...

Security Advisory - DoS Vulnerability in Some Huawei MBB Products

Some Huawei MBB Mobile Broadband products have a Denial of Service DoS vulnerability. When an attacker accessing device sends special http request to device, the webserver process will try to apply too much memory which can cause the device to become unable to respond. An attacker can launch a Do...

CVE-2017-14268

EE 4GEE WiFi MBB before EE600005.0031 devices have XSS in the smscontent parameter in a getSMSlist request...

Cross site request forgery (csrf)

EE 4GEE WiFi MBB before EE600005.0031 devices have CSRF, related to goform/AddNewProfile, goform/setWanDisconnect, goform/setSMSAutoRedirectSetting, goform/setReset, and goform/uploadBackupSettings...

CVE-2017-14267

EE 4GEE WiFi MBB before EE600005.0031 devices have CSRF, related to goform/AddNewProfile, goform/setWanDisconnect, goform/setSMSAutoRedirectSetting, goform/setReset, and goform/uploadBackupSettings...

Cross site request forgery (csrf)

EE 4GEE WiFi MBB before EE600005.0031 devices have XSS in the smscontent parameter in a getSMSlist request...

CVE-2017-14268

EE 4GEE WiFi MBB before EE600005.0031 devices have XSS in the smscontent parameter in a getSMSlist request...

CVE-2017-14269

CVE-2017-14269 affects EE 4GEE WiFi MBB devices (before EE60_00_05.00_31). The vulnerability allows remote attackers to obtain sensitive data via a JSONP endpoint, demonstrated as passwords and SMS content exposure. The root cause is an insecure JSONP/endpoint handling that leaks confidential inf...

CVE-2017-14267

EE 4GEE WiFi MBB devices (before EE60_00_05.00_31) are affected by a Cross‑Site Request Forgery (CSRF) vulnerability in admin actions exposed via goform/AddNewProfile, goform/setWanDisconnect, goform/setSMSAutoRedirectSetting, goform/setReset, and goform/uploadBackupSettings. The issue enables un...

CVE-2017-14268

CVE-2017-14268 affects EE 4GEE WiFi MBB devices (before EE60_00_05.00_31). A Cross-Site Scripting (XSS) vulnerability exists in the sms_content parameter of a getSMSlist request. Exploitation context and impact are limited in the provided documents to input‑based script injection; no further expl...

CVE-2017-14267

EE 4GEE WiFi MBB before EE600005.0031 devices have CSRF, related to goform/AddNewProfile, goform/setWanDisconnect, goform/setSMSAutoRedirectSetting, goform/setReset, and goform/uploadBackupSettings...

EE 4GEE Wireless Router EE60_00_05.00_25 XSS / CSRF / Disclosure Vulnerabilities

EE 4GEE wireless router version EE600005.0025 suffers from cross site request forgery, cross site scripting, and information disclosure vulnerabilities. EE 4GEE Wireless Router - Multiple Security Vulnerabilities Advisory ------------------------------------------------- Hardware Version/Model:...

Denial of service

Huawei MBB Mobile Broadband product E3272s with software versions earlier than E3272s-153TCPU-V200R002B491D09SP00C00 has a Denial of Service DoS vulnerability. An attacker could send a malicious packet to the Common Gateway Interface CGI of a target device and make it fail while setting the port...

CVE-2015-7847

Huawei MBB Mobile Broadband product E3272s with software versions earlier than E3272s-153TCPU-V200R002B491D09SP00C00 has a Denial of Service DoS vulnerability. An attacker could send a malicious packet to the Common Gateway Interface CGI of a target device and make it fail while setting the port...

CVE-2015-7847

Huawei MBB E3272s devices running versions earlier than E3272s-153TCPU-V200R002B491D09SP00C00 are reported vulnerable to a DoS via a crafted packet to the CGI that causes the device to fail when setting the port attribute. This is supported by CVE-2015-7847 records and Huawei’s HWPSIRT-2015-05103...

CVE-2015-7847

Huawei MBB Mobile Broadband product E3272s with software versions earlier than E3272s-153TCPU-V200R002B491D09SP00C00 has a Denial of Service DoS vulnerability. An attacker could send a malicious packet to the Common Gateway Interface CGI of a target device and make it fail while setting the port...