S9700 Firmware Security Vulnerabilities and Issues — S9700 Firmware CVE List

Lucene search

HuaweiS9700 Firmware

35 matches found

CVE•added 2019/06/04 7:29 p.m.•221 views

CVE-2019-5285

Some Huawei S series switches have a DoS vulnerability. An unauthenticated remote attacker can send crafted packets to the affected device to exploit this vulnerability. Due to insufficient verification of the packets, successful exploitation may cause the device reboot and denial of service (DoS) ...

7.8CVSS7.4AI score0.00117EPSS

CVE•added 2018/03/05 7:29 p.m.•60 views

CVE-2017-17137

PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R0...

5.5CVSS5.2AI score0.00017EPSS

CVE•added 2021/03/22 8:15 p.m.•56 views

CVE-2021-22321

There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include s...

5.3CVSS5.3AI score0.00207EPSS

CVE•added 2018/01/30 5:29 p.m.•55 views

CVE-2014-4705

Multiple heap-based buffer overflows in the eSap software platform in Huawei Campus S9300, S7700, S9700, S5300, S5700, S6300, and S6700 series switches; AR150, AR160, AR200, AR1200, AR2200, AR3200, AR530, NetEngine16EX, SRG1300, SRG2300, and SRG3300 series routers; and WLAN AC6005, AC6605, and ACU2...

7.8CVSS7.4AI score0.00307EPSS

CVE•added 2019/12/13 3:15 p.m.•54 views

CVE-2019-19397

There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks.

7.5CVSS7.3AI score0.00187EPSS

CVE•added 2018/02/15 4:29 p.m.•53 views

CVE-2017-15333

XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, V200R010C00,S3700 V100R006C03, V100R006C05,S5700 V200R001C00, V200R002C00, V200R003C00, V200R003C02, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,S6700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200...

4.7CVSS4.7AI score0.00077EPSS

CVE•added 2021/01/13 11:15 p.m.•52 views

CVE-2020-1866

There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C...

6.5CVSS6.5AI score0.00041EPSS

CVE•added 2017/04/02 8:59 p.m.•51 views

CVE-2014-8570

Huawei S9300, S9303, S9306, S9312 with software V100R002; S7700, S7703, S7706, S7712 with software V100R003, V100R006, V200R001, V200R002, V200R003, V200R005; S9300E, S9303E, S9306E, S9312E with software V200R001; S9700, S9703, S9706, S9712 with software V200R002, V200R003, V200R005; S12708, S12712...

5.3CVSS5.2AI score0.00111EPSS

CVE•added 2017/11/22 7:29 p.m.•50 views

CVE-2017-8147

AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEng...

7.5CVSS7.4AI score0.0016EPSS

CVE•added 2021/10/27 1:15 a.m.•50 views

CVE-2021-37129

There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:I...

7.5CVSS7.4AI score0.00182EPSS

CVE•added 2016/04/14 3:59 p.m.•49 views

CVE-2015-8676

Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and S5300LI Campus series switches with software V200R001C00 before V200R001SPH018, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; S9300, S7700, and S9700 Campus series switches with software V200R001C00 b...

7.8CVSS7.3AI score0.00437EPSS

CVE•added 2018/03/05 7:29 p.m.•48 views

CVE-2017-17135

5.5CVSS5.2AI score0.00021EPSS

CVE•added 2017/06/08 9:29 p.m.•47 views

CVE-2015-3913

The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denial of service (reboot) via a crafted ICMP request message.

7.8CVSS7.3AI score0.00281EPSS

CVE•added 2017/12/22 5:29 p.m.•47 views

CVE-2017-15324

Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the...

7.8CVSS7.3AI score0.0021EPSS

CVE•added 2018/04/11 5:29 p.m.•47 views

CVE-2017-15327

S12700 V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R007C20, V200R008C00, V200R008C06, V200R009C00, V200R010C00, S7700 V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R008C06, V200R009C00, ...

4.3CVSS4.2AI score0.00106EPSS

CVE•added 2018/02/15 4:29 p.m.•47 views

CVE-2017-17300

Huawei S12700 V200R008C00, V200R009C00, S5700 V200R007C00, V200R008C00, V200R009C00, S6700 V200R008C00, V200R009C00, S7700 V200R008C00, V200R009C00, S9700 V200R008C00, V200R009C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specific TCP messages with keychain a...

7.8CVSS7.7AI score0.00421EPSS

CVE•added 2016/04/14 3:59 p.m.•46 views

CVE-2015-8677

Memory leak in Huawei S5300EI, S5300SI, S5310HI, and S6300EI Campus series switches with software V200R003C00 before V200R003SPH011 and V200R005C00 before V200R005SPH008; S2350EI and S5300LI Campus series switches with software V200R003C00 before V200R003SPH011, V200R005C00 before V200R005SPH008, a...

6.8CVSS6.2AI score0.00376EPSS

CVE•added 2016/09/26 3:59 p.m.•46 views

CVE-2016-6518

Memory leak in Huawei S9300, S5300, S5700, S6700, S7700, S9700, and S12700 devices allows remote attackers to cause a denial of service (memory consumption and restart) via a large number of malformed packets.

7.5CVSS7.4AI score0.00321EPSS

CVE•added 2018/02/15 4:29 p.m.•46 views

CVE-2017-15346

4.7CVSS4.6AI score0.00077EPSS

CVE•added 2017/04/02 8:59 p.m.•45 views

CVE-2014-8572

Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R001C00; ACU with software V200R002C00; S2300, S3300, S2700, S3700 with software V100R006C05 and earlier versions; S5300, S5700, S6300, S6700 with software V100R006, V200R001, V200R002, V200R003, V200R0...

7.8CVSS7.4AI score0.00281EPSS

CVE•added 2017/06/08 4:29 p.m.•45 views

CVE-2015-2800

The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remote attackers to cause a denial of service (device restart) via vectors involving authentication, whi...

7.8CVSS7.4AI score0.02804EPSS

CVE•added 2018/03/05 7:29 p.m.•45 views

CVE-2017-17141

Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V200R007C00SPC009T; V200R007C00SPC019T; V200R008C00; V200R009C0...

4.3CVSS4.3AI score0.00176EPSS

CVE•added 2018/03/09 5:29 p.m.•45 views

CVE-2017-17250

Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; AR150 V200R005C32; AR150-S V200R005C32; AR160 V200R005C32; AR200 V200R005C32; AR200-S V200R005C32; AR2200-S V200R005C32; AR3200 V200R005C32; V200R007C00; AR510 V200R005C32; NetEngine16EX V200R005C32; SRG1300 V200R005C32; SRG2300 ...

7.1CVSS6.7AI score0.00174EPSS

CVE•added 2017/04/02 8:59 p.m.•44 views

CVE-2016-2404

Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a swit...

7.5CVSS7.5AI score0.00165EPSS

CVE•added 2021/06/29 8:15 p.m.•44 views

CVE-2021-22329

There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect i...

4.9CVSS5AI score0.00088EPSS

CVE•added 2016/09/07 7:28 p.m.•42 views

CVE-2016-6670

Huawei S7700, S9300, S9700, and S12700 devices with software before V200R008C00SPC500 use random numbers with insufficient entropy to generate self-signed certificates, which makes it easier for remote attackers to discover private keys by leveraging knowledge of a certificate.

5.3CVSS5.4AI score0.00141EPSS

CVE•added 2018/03/05 7:29 p.m.•42 views

CVE-2017-17138

PEM module of DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; ...

5.5CVSS5.2AI score0.00012EPSS

CVE•added 2016/04/11 3:59 p.m.•41 views

CVE-2016-3678

Huawei Quidway S9700, S5700, S5300, S9300, and S7700 switches with software before V200R003SPH012 allow remote attackers to cause a denial of service (switch restart) via crafted traffic.

7.8CVSS7.4AI score0.00281EPSS

CVE•added 2017/04/02 8:59 p.m.•41 views

CVE-2016-8797

Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software V...

7.5CVSS7.5AI score0.00277EPSS

CVE•added 2018/03/05 7:29 p.m.•41 views

CVE-2017-17136

5.5CVSS5.4AI score0.00016EPSS

CVE•added 2018/03/09 9:29 p.m.•40 views

CVE-2016-8786

Huawei S12700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, S5700 V200R006C00, V200R007C00, V200R008C00, S6700 V200R008C00, S7700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V...

7.8CVSS7.5AI score0.00221EPSS

CVE•added 2018/03/09 9:29 p.m.•39 views

CVE-2016-8785

Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 V200R002C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R007C00 have an input validation vulnerability. Due to the lack of input validation, an attacker may craft a malformed packet and send it to the device using V...

4.3CVSS4.5AI score0.00103EPSS

CVE•added 2017/09/25 9:29 p.m.•37 views

CVE-2015-7846

Huawei S7700, S9700, S9300 before V200R07C00SPC500, and AR200, AR1200, AR2200, AR3200 before V200R005C20SPC200 allows attackers with physical access to the CF card to obtain sensitive information.

4.6CVSS4.5AI score0.00034EPSS

CVE•added 2017/04/02 8:59 p.m.•37 views

CVE-2016-8773

Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00; S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00; S6700 with software V200...

7.5CVSS7.3AI score0.00211EPSS

CVE•added 2018/01/08 7:29 p.m.•34 views

CVE-2014-5394

Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal.

5.9CVSS5.6AI score0.0045EPSS