Hedex Lite Security Vulnerabilities and Issues — Hedex Lite CVE List

Lucene search

HuaweiHedex Lite

4 matches found

CVE•added 2017/11/22 7:29 p.m.•34 views

CVE-2017-8136

HedEx Earlier than V200R006C00 versions has an arbitrary file download vulnerability. An attacker could exploit it to download arbitrary files on a target device to cause information leak.

5.5CVSS5.4AI score0.00088EPSS

CVE•added 2017/11/22 7:29 p.m.•33 views

CVE-2017-8137

HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. An attacker could exploit this vulnerability to tamper with the DLL file, leading to DLL hijacking.

9.3CVSS7.4AI score0.00057EPSS

CVE•added 2017/11/22 7:29 p.m.•33 views

CVE-2017-8138

HedEx Earlier than V200R006C00 versions has a cross-site request forgery (CSRF) vulnerability. An attacker could trick a user into accessing a website containing malicious scripts which may tamper with configurations and interrupt normal services.

8.8CVSS8.6AI score0.00062EPSS

CVE•added 2017/11/22 7:29 p.m.•32 views

CVE-2017-8139

HedEx Earlier than V200R006C00 versions have the stored cross-site scripting (XSS) vulnerability. Attackers can exploit the vulnerability to plant malicious scripts into the configuration file to interrupt the services of legitimate users.

6.1CVSS5.9AI score0.00115EPSS