Lucene search
K
HuaweiMost viewed

1006 matches found

Huawei
Huawei
•added 2016/09/07 12:0 a.m.•23 views

Security Advisory - Two Vulnerabilities in Huawei WS331a

Huawei WS331a is a Mini Wireless route. There is a Cross-site request forgery CSRF vulnerability in the management interface of WS331a products, an unauthenticated attacker could exploit this vulnerability to perform a CSRF attack. Successful exploit could allow the attacker to submit special...

7.5CVSS6.9AI score0.01215EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/06/29 12:0 a.m.•23 views

Security Advisory - Integer Overflow Vulnerability in the OceanStor 5800

The OceanStor 5800 V3 Storage Systems are mid-range storage products newly developed by Huawei. The OceanStor 5800 has an integer overflow vulnerability. An authenticated attacker may send massive abnormal Network File System NFS packets, causing an anomaly in specific disk arrays. Vulnerability...

6.5CVSS6.6AI score0.00619EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/05/07 12:0 a.m.•23 views

Security Advisory - XSS Vulnerability in the Email App of Huawei Smartphone

There is a vulnerability due to the lack of output encoding for some particular characters in the email APP built in the affected Smart Phones. A successful exploitation of the vulnerability could allow an unauthenticated remote attacker to perform a cross-site scripting XSS attack and lead to...

6.1CVSS6.3AI score0.00715EPSS
Exploits0Affected Software4
Huawei
Huawei
•added 2016/04/19 12:0 a.m.•23 views

Security Advisory - Vulnerability of No SSL Certificate Validation in Huawei Wear App and Hilink APP

A vulnerability of no SSL certificate validation exists in Huawei Wear APP and Hilink APP. These APPs still load the web page when accessing a website whose SSL certificate has issues, which brings risks to users. Vulnerability ID: HWPSIRT-2016-03008 This vulnerability has been assigned a Common...

7.5CVSS5.7AI score0.00308EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2016/03/30 12:0 a.m.•23 views

Security Advisory - Integrity Protection Vulnerability in Huawei E3276s Products

The Huawei E3276s products have an integrity protection vulnerability. As a result, user communication can be intercepted, spoofed, and injected with traffic. Vulnerability ID: HWPSIRT-2016-02019 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2016-3676...

6.4CVSS6.4AI score0.00347EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/02/18 12:0 a.m.•23 views

Security Advisory - Information Disclosure Vulnerability in the DSM

Huawei Document Security Management DSM provides document permission control. A vulnerability in the permission control module of DSM could lead to incorrect control over specific permissions on encrypted documents. Vulnerability ID:HWPSIRT-2015-12030 This vulnerability has been assigned Common...

4.3CVSS4.7AI score0.00585EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/02/17 12:0 a.m.•23 views

Security Advisory - Privilege Escalation Vulnerability in Huawei Policy Center

Huawei Policy Center dynamically allocates network resources in a unified manner, enabling the network to provide services with more agility. Huawei Policy Center has a privilege escalation vulnerability. An attacker could log in to the device as a low-privilege user, craft a URL that contains...

9CVSS8.9AI score0.01813EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/02/03 12:0 a.m.•23 views

Security Advisory - Integer Overflow Vulnerability in Graphics Driver of Huawei Smart Phone

Graphics drivers of some Huawei smart phones have a integer overflow issue due to the lack of a parameters check, which lead to a further heap overflow vulnerability. An attacker may trick a user into installing a malicious application and application can exploit the vulnerability to crash the...

9.3CVSS7.8AI score0.00758EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2015/09/09 12:0 a.m.•23 views

Security Advisory - mDNS Message Improper Handling Vulnerability in Huawei WLAN AC Products

The mDNS module in Huawei WLAN AC products improperly processes mDNS packets and responds to mDNS unicast queries from outside the link local network e.g., the WAN, leading to information leaks.Vulnerability ID: HWPSIRT-2015-03024 The CVE No. of the vulnerability is CVE-2015-6586...

7.5CVSS6.8AI score0.0131EPSS
Exploits0Affected Software3
Huawei
Huawei
•added 2015/08/17 12:0 a.m.•23 views

Security Advisory - DoS Vulnerability in Huawei MBB Product

Huawei MBB Mobile Broadband product E3272s has a Denial of Service DoS vulnerability. An attacker could send a malicious packet to the Common Gateway Interface CGI of target device and make it fail while setting port attribute, which cause a DoS attack. Vulnerability ID: HWPSIRT-2015-05103 This...

5.5CVSS5.4AI score0.00201EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2015/06/15 12:0 a.m.•23 views

Security Advisory - Web UI Authentication Vulnerability in Huawei E5756S

Huawei E5756s has a web UI authentication vulnerability. As a result, an attacker can graft commands to view the device configuration information and perform operations, such as enabling PIN/PUK authentication without logging in to the web UI Vulnerability ID: HWPSIRT-2015-03016. This Vulnerabili...

9.8CVSS8.8AI score0.01717EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2014/08/06 12:0 a.m.•23 views

Security Advisory-CSRF Vulnerability in Huawei HiLink Products

Several Huawei HiLink products have the CSRF Vulnerability. When users use these devices to visit websites that contain malicious scripts, the malicious scripts can exploit the vulnerability to change the configurations or use the functions of products. Vulnerability ID: HWPSIRT-2014-0243 This...

6.8CVSS6AI score0.00922EPSS
Exploits4Affected Software4
Huawei
Huawei
•added 2021/01/13 12:0 a.m.•22 views

Security Advisory - Denial of Service Vulnerability in Some Huawei Products

There is a denial of service DoS vulnerability in some Huawei products. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS. Vulnerability ID: HWPSIRT-2020-01270 This...

7.8CVSS7.4AI score0.00904EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2021/01/06 12:0 a.m.•22 views

Security Advisory - Insufficient Integrity Check Vulnerability in Huawei Product

There is an insufficient integrity vulnerability in Huawei products. A module does not perform sufficient integrity check in a specific scenario. Attackers can exploit the vulnerability by physically install malware. This could compromise normal service of the affected device. Vulnerability ID:...

6.8CVSS6.3AI score0.00146EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/12/16 12:0 a.m.•22 views

Security Advisory - Denial of Service Vulnerability in Huawei Smartphone

There is a denial of service vulnerability in some Huawei smartphones. Due to the improper processing of received abnormal messages, remote attackers may exploit this vulnerability to cause a denial of service DoS on the specific module. Vulnerability ID: HWPSIRT-2020-06018 This vulnerability has...

7.5CVSS7.4AI score0.00877EPSS
Exploits0Affected Software4
Huawei
Huawei
•added 2020/12/02 12:0 a.m.•22 views

Security Advisory - Resource Management Error Vulnerability in Huawei CloudEngine 1800V Product

CloudEngine 1800V product has a resource management error vulnerability. Remote unauthorized attackers could send specific types of messages to the device, resulting in the message received by the system can't be forwarded normally. Vulnerability ID: HWPSIRT-2020-86502 This vulnerability has been...

7.5CVSS7.5AI score0.00736EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/08/12 12:0 a.m.•22 views

Security Advisory - Code Execution Vulnerability in Fastjson Affect Several Huawei Products

There is a code execution vulnerability in Fastjson affect several Huawei products. Fastjson is an opensource JSON parsing library, successful exploit could allow the attacker bypass the limit of autoType then execute code. Vulnerability ID: HWPSIRT-2020-05962 Huawei has released software updates...

7.5AI score
Exploits0Affected Software4
Huawei
Huawei
•added 2020/06/24 12:0 a.m.•22 views

Security Advisory - Information Disclosure Vulnerability in Several Smartphones

There is an information disclosure vulnerability in several smartphones. Certain function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure. Vulnerability ID: HWPSIRT-2019-1010...

5.3CVSS4.9AI score0.00278EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2019/09/18 12:0 a.m.•22 views

Security Advisory - Improper Authentication Vulnerability in Some Huawei CloudEngine Products

Products Switches Routers WLAN Storage See All Solutions Cloud Data Center Enterprise Networking Intelligent Computing Solutions by Industry See All Services Training and Certification Industry Cloud Enablement Service Improvement Service Customer Support Service See All Partner Find a Partner...

7.2AI score0.00971EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2018/09/05 12:0 a.m.•22 views

Security Advisory - DoS Vulnerability in Some Huawei Smart Phones

There is a denial of service DoS vulnerability in some Huawei smart phones. An attacker can trick a user to install a malicious application to exploit this vulnerability. Due to insufficient verification of the parameter, successful exploitation can cause the smartphone black screen until...

7.1CVSS5.3AI score0.0056EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2018/04/28 12:0 a.m.•22 views

Security Advisory - DoS Vulnerability in Some Huawei MBB Products

Some Huawei MBB Mobile Broadband products have a Denial of Service DoS vulnerability. When an attacker accessing device sends special http request to device, the webserver process will try to apply too much memory which can cause the device to become unable to respond. An attacker can launch a Do...

6.5CVSS6.4AI score0.00372EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2018/04/11 12:0 a.m.•22 views

Security Advisory - Invalid Memory Access Vulnerability in Some Huawei Products

There is an invalid memory access vulnerabilities in SCCPX module of some Huawei products. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal. Vulnerability...

5.3CVSS5.5AI score0.02001EPSS
Exploits0Affected Software6
Huawei
Huawei
•added 2018/03/21 12:0 a.m.•22 views

Security Advisory - Integer overflow Vulnerability in Bdat Driver of Huawei Smart Phone

The Bdat driver of some Huawei smart phones has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can send a specific parameter to the driver of the smart phone, causing...

9.3CVSS7.9AI score0.01009EPSS
Exploits0Affected Software5
Huawei
Huawei
•added 2018/03/14 12:0 a.m.•22 views

Security Advisory - Information Disclosure Vulnerability on Huawei Smartphones

There is an information disclosure vulnerability on Huawei smartphones. The software does not properly protect certain resource which can be accessed by multithreading. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could result in kernel...

7.1CVSS5AI score0.00761EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/12/13 12:0 a.m.•22 views

Security Advisory - Information Leak Vulnerability in Some Huawei Smart Phones

Some Huawei smartphones have an information leak vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can read some sensitive information in kernel memory, which may cause sensitive...

5.5CVSS5AI score0.00658EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2017/12/13 12:0 a.m.•22 views

Security Advisory - Information Disclosure Vulnerability on Huawei Smartphones

There is an information disclosure vulnerability on Huawei smartphones. An attacker tricks the user to install a crafted application, this application simulate click action to back up data in a non-encrypted way using an Android assist function. Successful exploit could result in information...

5.5CVSS5AI score0.00669EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/11/29 12:0 a.m.•22 views

Security Advisory - DoS Vulnerability in Some Huawei Smart Phones

There is a denial of service DoS vulnerability in some Huawei smart phones. An attacker can trick a user to install a malicious application to exploit this vulnerability. Successful exploitation can cause camera application unusable. Vulnerability ID: HWPSIRT-2017-09006 This vulnerability has bee...

4.3CVSS3.8AI score0.0055EPSS
Exploits0Affected Software9
Huawei
Huawei
•added 2017/11/22 12:0 a.m.•22 views

Security Advisory - Authentication Bypass Vulnerability in the 'Find Phone' Function of Some Huawei Smart Phones

There is an authentication bypass vulnerability in the 'Find Phone' function of some Huawei smart phone. Due to improper authentication realization in the 'Find Phone' function. An attacker may exploit the vulnerability to bypass the 'Find Phone' function in order to use the phone normally...

7.2CVSS6.7AI score0.00333EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/10/18 12:0 a.m.•22 views

Security Advisory - DOS Vulnerability in Bastet Component of Huawei Smart Phone

The Bastet of some Huawei mobile phones has a DOS vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The APP can modify specific parameter to cause system reboot. Vulnerability ID: HWPSIRT-2017-08155 This vulnerability has been...

7.1CVSS5.4AI score0.0055EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/04/05 12:0 a.m.•22 views

Security Advisory - Information Leak Vulnerability in Some Huawei Smart Phones

Some Huawei smartphones have an information leak vulnerability due to improper file permission configuration. An attacker tricks a user into installing a malicious application on the smart phone, and the application can get the file that keep the cipher text of the SIM card PIN. Vulnerability ID:...

5.5CVSS5.2AI score0.00664EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/08/17 12:0 a.m.•22 views

Security Advisory - Information Leak Vulnerability in Some Huawei Servers

Some Huawei servers have an information leak vulnerability. The servers allow users to select security encryption algorithms. If an insecure encryption algorithm is selected, an attacker may decrypt ciphertext data, causing information leaks. Vulnerability ID: HWPSIRT-2016-07019 This vulnerabilit...

7.5CVSS7.5AI score0.00967EPSS
Exploits0Affected Software11
Huawei
Huawei
•added 2016/06/29 12:0 a.m.•22 views

Security Advisory - XSS Vulnerability in Huawei Public Cloud Solution

The Public Cloud Solution has a Cross-Site Scripting XSS vulnerability in volume backup service module. An attacker can insert special characters to modify server data. Vulnerability ID: HWPSIRT-2016-06017 This vulnerability has been assigned Common Vulnerabilities and Exposures CVE ID:...

5.4CVSS5.3AI score0.00433EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/01/12 12:0 a.m.•22 views

Security Advisory - Information Exposure Vulnerability in Huawei Ethernet Switch

There is an information exposure vulnerability in Huawei Ethernet switch. When uploading files to some directory, the user needs to enter the username and password. However, the system does not mask passwords. As a result, the password entered is displayed in plain text, leading to password leaks...

6.2CVSS6.2AI score0.0026EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2015/12/02 12:0 a.m.•22 views

Security Advisory - DoS Vulnerability in Huawei LogCenter

Huawei LogCenter has a DoS vulnerability. After login to the LogCenter, an attacker can add abnormal device information to the log collection module. The LogCenter system does not verify input device information. As a result, the log collection module denies services. Vulnerability ID:...

6.5CVSS6.3AI score0.00619EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2015/08/05 12:0 a.m.•22 views

Security Advisory - CF Card Information Leak Vulnerability on Multiple Huawei Products

The CF cards on some Huawei switches and ARs contain some sensitive information in plaintext. Once an attacker gets such a CF card, it may result in the leak of sensitive information HWPSIRT-2015-07048. Currently, official fixes are available...

6.5AI score
Exploits0Affected Software7
Huawei
Huawei
•added 2015/02/11 12:0 a.m.•22 views

Security Advisory- Local Denial of Service Vulnerability in Huawei Ascend P7

Huawei Ascend P7 Sophia-L09 uses Android 4.4, which is the upgrade version of EMUI 3.0. The phone module crashes when a third-party app sends specific broadcast messages or enables specific UIs. Vulnerability ID: HWPSIRT-2014-1233 This vulnerability has been assigned Common Vulnerabilities and...

7.5CVSS7.1AI score0.0117EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2014/03/10 12:0 a.m.•22 views

Security Advisory-Improper User Permission Setting Vulnerability in Huawei eSpace Meeting

User permissions are not properly set on Huawei eSpace Meeting. Attackers that obtain the permissions assigned to common users can elevate privileges to access and set specific key resources. HWPSIRT-2014-0241. This Vulnerability has been assigned Common Vulnerabilities and Exposures CVE ID:...

7CVSS6.5AI score0.0064EPSS
Exploits1Affected Software1
Huawei
Huawei
•added 2012/08/04 12:0 a.m.•22 views

Security Advisory-Buffer Overflow on Stack in HTTP Module

Branch Intelligent Management System BIMS and Web management is provided by Huawei for network and device management. Both BIMS and Web management use HTTP. Therefore, to use BIMS and Web management, you must enable HTTP. Attackers can make stack overflow by sending messages with the URI whose...

7.6AI score
Exploits0
Huawei
Huawei
•added 2021/01/27 12:0 a.m.•21 views

Security Advisory - Buffer Overflow Vulnerability in Huawei Smartphone

There is a buffer overflow vulnerability in Huawei smartphone. A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause buffer overflow, compromising normal service...

3.3CVSS4.2AI score0.00203EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/11/11 12:0 a.m.•21 views

Security Advisory - Improper Buffer Operation Restrictions Vulnerability on Huawei Smartphone

There is a vulnerability of improper buffer operation in Huawei smartphone. Due to improper restrictions, local attackers with high privileges can exploit the vulnerability to cause system heap overflow. Vulnerability ID: HWPSIRT-2020-08183 This vulnerability has been assigned a Common...

6.2AI score0.00203EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/03/25 12:0 a.m.•21 views

Security Advisory - Use-after-free Vulnerability in Some Huawei Smart Phone

There is a use-after-free UAF vulnerability in some Huawei smart phone. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may tamper with the information to affect the availability. Vulnerability ID: HWPSIRT-2019-12405 This...

5.5CVSS5.3AI score0.00189EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/12/01 12:0 a.m.•21 views

Security Advisory - Multiple Buffer Overflow Vulnerabilities in Some Huawei Products

There are three buffer overflow vulnerabilities in the SIP backup feature of some Huawei products. An attacker may send specially crafted messages to the affected products. Due to the insufficient validation of some values for SIP messages, successful exploit may cause services abnormal...

5.3CVSS5.4AI score0.00906EPSS
Exploits0Affected Software23
Huawei
Huawei
•added 2017/12/01 12:0 a.m.•21 views

Security Advisory - Memory Double Free Vulnerability in GPU Driver of Some Huawei Smart Phones

The GPU driver of some Huawei smart phones has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could triggers double free and causes a system crash or arbitrary code execution. Vulnerability ID:...

9.3CVSS7.8AI score0.0099EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2017/01/25 12:0 a.m.•21 views

Security Advisory - Authentication Bypass Vulnerability in the 'Find Phone' Function of some Huawei Smart Phones

The 'Find Phone' function of some Huawei smart phones has an authentication bypass vulnerability. An unauthenticated attacker may wipe and factory reset the phone by special steps. Due to missing authentication of the 'Find Phone' function, an attacker may exploit the vulnerability to bypass the...

4.9CVSS4.9AI score0.00281EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/11/23 12:0 a.m.•21 views

Security Advisory - Privilege Escalation Vulnerability in the FusionStorage

FusionStorage is a piece of distributed block storage software specifically designed for the storage infrastructure of cloud computing data centers. The maintenance module of Huawei FusionStorage has a privilege escalation vulnerability. After logging in to the FusionStorage successfully as a...

7.5CVSS7.8AI score0.00217EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/08/24 12:0 a.m.•21 views

Security Advisory - Resource Management Vulnerability in Huawei Servers

Some Huawei servers have a resource management vulnerability in the iBMC Intelligent Baseboard Management Controller. A local attacker could exploit this vulnerability to exhaust iBMC resources and cause a denial of service. Vulnerability ID: HWPSIRT-2016-05251 This vulnerability has been assigne...

5.5CVSS5.4AI score0.00207EPSS
Exploits0Affected Software7
Huawei
Huawei
•added 2016/08/24 12:0 a.m.•21 views

Security Advisory - Information Leak Vulnerability in Huawei FusionSphere Product

The open-source component Xenstore in the FusionSphere has an information leak vulnerability due to loose security settings. Successful exploit could allow an authenticated attacker to obtain partial information from virtual machines. Vulnerability ID: HWPSIRT-2016-06067. Huawei has released...

6.4AI score
Exploits0Affected Software1
Huawei
Huawei
•added 2015/12/02 12:0 a.m.•21 views

Security Advisory - Privilege Escalation Vulnerability in Huawei LogCenter

Huawei LogCenter has a privilege escalation vulnerability. After login to the LogCenter, a low privileged attacker can tamper with requests using a tool and submit the request to the server for privilege escalation, affecting some system functions. Vulnerability ID: HWPSIRT-2015-09020 This...

8.8CVSS8.8AI score0.00883EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2014/10/11 12:0 a.m.•21 views

Security Advisory-XSS Security Vulnerability on Huawei E355

Huawei E355 portable 3G wireless routers have the stored cross-site scripting XSS vulnerability. Attackers can exploit the vulnerability to plant malicious scripts into the configuration file to interrupt the services of legitimate users. Vulnerability ID: HWPSIRT-2014-0516 The CVE No. of the...

4.3CVSS5AI score0.00798EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2012/12/03 12:0 a.m.•21 views

Security Advisory-Segment Fault When Parsing Http Request in Web server of E585

HUAWEI E585 Wireless Modem is the terminal which can realize the high-speed wireless network access. The access is realized by the connection between USB interfaces and PCs or by the connection between WiFi and many wireless devices. In the network coverage area of HSPA/UMTS or EDGE/GPRS/GSM, use...

6.6AI score
Exploits0Affected Software2
Total number of security vulnerabilities1006