5 matches found
CVE-2020-9090
The CVE-2020-9090 issue affects Huawei FusionAccess 6.5.1, where an improper authorization vulnerability allows a command to run with incorrect privileges. The root cause is a mis-authorization of commands, enabling attackers with different privileges to exploit the flaw and potentially disrupt n...
CVE-2020-1825
CVE-2020-1825 affects Huawei FusionAccess prior to version 6.5.1.SPC002. The root cause is insufficient input verification in FusionAccess, enabling remote DoS when an attacker sends specially crafted messages to an affected device via another device on the same network. The impact described in t...
CVE-2015-7844
CVE-2015-7844 affects Huawei FusionAccess on software versions V100R005C10 and V100R005C20. The vulnerability arises from insufficient input verification, allowing an attacker to craft and send malformed HDP protocol packets. This can cause the virtual cloud desktop to display an error and become...
CVE-2016-8779
CVE-2016-8779 affects Huawei FusionAccess (software versions V100R005C10 and V100R005C20). A lack of input validation allows remote attackers with specific permissions to inject LDAP operations into a particular input variable, enabling access to sensitive information from the database. The vulne...
CVE-2016-6839
The CVE is tied to Huawei FusionAccess prior to V100R006C00, where an HTTP header injection vulnerability (CRLF injection) allows a remote, unauthenticated attacker to tamper with server responses and inject arbitrary HTTP headers, enabling HTTP response splitting via unspecified vectors. Connect...