Secospace Usg6600 Firmware Security Vulnerabilities and Issues — Secospace Usg6600 Firmware CVE List

Lucene search

HuaweiSecospace Usg6600 Firmware

34 matches found

CVE•added 2020/02/28 7:15 p.m.•106 views

CVE-2020-1881

NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of th...

7.5CVSS7.4AI score0.00218EPSS

CVE•added 2020/02/28 7:15 p.m.•104 views

CVE-2020-1860

NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit may cause the acces...

7.5CVSS7.5AI score0.00108EPSS

CVE•added 2020/02/28 7:15 p.m.•101 views

CVE-2020-1876

NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient validation...

7.5CVSS7.6AI score0.00184EPSS

CVE•added 2020/02/28 7:15 p.m.•100 views

CVE-2020-1873

NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds read vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient va...

7.8CVSS7.4AI score0.0019EPSS

CVE•added 2020/02/18 12:15 a.m.•94 views

CVE-2020-1815

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a memory leak vulnerability. The software does not sufficiently track and release allocated memory while pars...

7.5CVSS7.4AI score0.00251EPSS

CVE•added 2020/02/17 9:15 p.m.•88 views

CVE-2020-1856

Huawei NGFW Module, NIP6300, NIP6600, Secospace USG6500, Secospace USG6600, and USG9500 versions V500R001C30, V500R001C60, and V500R005C00 have an information leakage vulnerability. An attacker can exploit this vulnerability by sending specific request packets to affected devices. Successful exploi...

7.5CVSS7.3AI score0.00187EPSS

CVE•added 2020/02/18 12:15 a.m.•78 views

CVE-2020-1816

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Denial of Service (DoS) vulnerability. Due to improper processing of specific IPSEC packets, remote attacke...

7.5CVSS7.5AI score0.00397EPSS

CVE•added 2021/03/22 7:15 p.m.•73 views

CVE-2021-22320

There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages correctly. Attackers can exploit this vulnerability by sending malicious messages to an affected module. This can lead to denial of service. Affected product include some versions of IPS Modul...

7.5CVSS7.3AI score0.00182EPSS

CVE•added 2020/02/17 8:15 p.m.•68 views

CVE-2020-1828

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific message....

7.5CVSS7.4AI score0.00251EPSS

CVE•added 2020/02/17 9:15 p.m.•66 views

CVE-2020-1829

Huawei NIP6800 versions V500R001C30 and V500R001C60SPC500; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, and V500R001C60SPC500 have a vulnerability that the IPSec module handles a message improperly. Attackers can send specific message to cause double free memory....

7.5CVSS7.4AI score0.00251EPSS

CVE•added 2020/07/08 5:15 p.m.•61 views

CVE-2019-19416

The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the ...

7.5CVSS7.7AI score0.00358EPSS

CVE•added 2020/02/17 9:15 p.m.•58 views

CVE-2020-1827

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. An attacker can exploit this vulnerability by sending s...

7.5CVSS7.3AI score0.00251EPSS

CVE•added 2018/04/24 3:29 p.m.•54 views

CVE-2017-17258

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V2...

7.5CVSS7.4AI score0.00147EPSS

CVE•added 2018/04/24 3:29 p.m.•53 views

CVE-2017-17257

7.5CVSS7.4AI score0.00265EPSS

CVE•added 2020/01/03 3:15 p.m.•53 views

CVE-2019-5304

Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset.

7.8CVSS7.5AI score0.0024EPSS

CVE•added 2018/04/24 3:29 p.m.•52 views

CVE-2017-17254

7.5CVSS7.4AI score0.00148EPSS

CVE•added 2018/04/24 3:29 p.m.•52 views

CVE-2017-17256

7.5CVSS7.4AI score0.00265EPSS

CVE•added 2017/11/22 7:29 p.m.•50 views

CVE-2017-8147

AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEng...

7.5CVSS7.4AI score0.0016EPSS

CVE•added 2020/07/08 5:15 p.m.•50 views

CVE-2019-19417

7.5CVSS7.7AI score0.00358EPSS

CVE•added 2020/02/17 8:15 p.m.•50 views

CVE-2020-1858

Huawei products NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; Secospace USG6600 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100; and USG9500 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have a denial of service vulnerability. At...

7.5CVSS7.3AI score0.00218EPSS

CVE•added 2020/11/13 3:15 p.m.•48 views

CVE-2020-1847

There is a denial of service vulnerability in some Huawei products. There is no protection against the attack scenario of specific protocol. A remote, unauthorized attackers can construct attack scenarios, which leads to denial of service.Affected product versions include:NIP6300 versions V500R001C...

7.5CVSS7.3AI score0.00182EPSS

CVE•added 2020/07/08 5:15 p.m.•47 views

CVE-2019-19415

7.5CVSS7.7AI score0.00358EPSS

CVE•added 2016/05/23 7:59 p.m.•46 views

CVE-2016-4577

Buffer overflow in the Smart DNS functionality in the Huawei NGFW Module and Secospace USG6300, USG6500, USG6600, and USG9500 firewalls with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to "illegitimat...

7.5CVSS8AI score0.00125EPSS

CVE•added 2018/02/15 4:29 p.m.•46 views

CVE-2017-17154

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, N...

7.5CVSS7.3AI score0.00182EPSS

CVE•added 2018/04/24 3:29 p.m.•46 views

CVE-2017-17253

7.5CVSS7.4AI score0.00147EPSS

CVE•added 2018/04/24 3:29 p.m.•45 views

CVE-2017-17255

7.5CVSS7.4AI score0.00148EPSS

CVE•added 2018/02/15 4:29 p.m.•42 views

CVE-2017-15348

Huawei IPS Module V500R001C00, NGFW Module V500R001C00, NIP6300 V500R001C00, NIP6600 V500R001C00, Secospace USG6300 V500R001C00, Secospace USG6500 V500R001C00, Secospace USG6600 V500R001C00, USG9500 V500R001C00 have an insufficient input validation vulnerability. An unauthenticated, remote attacker...

7.8CVSS7.5AI score0.0015EPSS

CVE•added 2018/02/15 4:29 p.m.•42 views

CVE-2017-17157

7.5CVSS7.3AI score0.00182EPSS

CVE•added 2018/02/15 4:29 p.m.•41 views

CVE-2017-17153

7.5CVSS7.3AI score0.00182EPSS

CVE•added 2018/02/15 4:29 p.m.•41 views

CVE-2017-17155

7.5CVSS7.3AI score0.00182EPSS

CVE•added 2017/11/22 7:29 p.m.•39 views

CVE-2017-8174

Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. Attackers may exploit the weak algorithm vulnerability to crack the cipher text and cause confidential information leaks on the ...

7.5CVSS7.3AI score0.00067EPSS

CVE•added 2021/03/22 6:15 p.m.•39 views

CVE-2020-9213

There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft many specific packets. Successful exploit may cause some services to be abnormal. Affected products include some versions of NGFW Module, NIP...

7.5CVSS7.4AI score0.00182EPSS

CVE•added 2018/02/15 4:29 p.m.•38 views

CVE-2017-17156

7.5CVSS7.3AI score0.00182EPSS

CVE•added 2017/04/02 8:59 p.m.•34 views

CVE-2016-8795

Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V10...

7.1CVSS5.9AI score0.00241EPSS