Vulnerabilites related to huawei - usg5500
CVE-2016-8276 (GCVE-0-2016-8276)
Vulnerability from cvelistv5
Published
2016-10-03 21:00
Modified
2024-08-06 02:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the Point-to-Point Protocol over Ethernet (PPPoE) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600, when CHAP authentication is configured on the server, allows remote attackers to cause a denial of service (server restart) or execute arbitrary code via crafted packets sent during authentication.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:20:29.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160914-01-usg-en"
},
{
"name": "92962",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92962"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Point-to-Point Protocol over Ethernet (PPPoE) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600, when CHAP authentication is configured on the server, allows remote attackers to cause a denial of service (server restart) or execute arbitrary code via crafted packets sent during authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-03T20:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160914-01-usg-en"
},
{
"name": "92962",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92962"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2016-8276",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Point-to-Point Protocol over Ethernet (PPPoE) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600, when CHAP authentication is configured on the server, allows remote attackers to cause a denial of service (server restart) or execute arbitrary code via crafted packets sent during authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160914-01-usg-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160914-01-usg-en"
},
{
"name": "92962",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92962"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2016-8276",
"datePublished": "2016-10-03T21:00:00",
"dateReserved": "2016-09-18T00:00:00",
"dateUpdated": "2024-08-06T02:20:29.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8084 (GCVE-0-2015-8084)
Vulnerability from cvelistv5
Published
2015-12-07 20:00
Modified
2024-08-06 08:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R001C10SPC600, when "DHCP Snooping" is enabled and either "option82 insert" or "option82 rebuild" is enabled on an interface, allow remote attackers to cause a denial of service (reboot) via crafted DHCP packets.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:06:31.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457916.htm"
},
{
"name": "77300",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77300"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R001C10SPC600, when \"DHCP Snooping\" is enabled and either \"option82 insert\" or \"option82 rebuild\" is enabled on an interface, allow remote attackers to cause a denial of service (reboot) via crafted DHCP packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-12-07T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457916.htm"
},
{
"name": "77300",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77300"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8084",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R001C10SPC600, when \"DHCP Snooping\" is enabled and either \"option82 insert\" or \"option82 rebuild\" is enabled on an interface, allow remote attackers to cause a denial of service (reboot) via crafted DHCP packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457916.htm",
"refsource": "CONFIRM",
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457916.htm"
},
{
"name": "77300",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77300"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8084",
"datePublished": "2015-12-07T20:00:00",
"dateReserved": "2015-11-06T00:00:00",
"dateUpdated": "2024-08-06T08:06:31.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8798 (GCVE-0-2016-8798)
Vulnerability from cvelistv5
Published
2017-04-02 20:00
Modified
2024-08-06 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- defense mechanism bypass
Summary
Huawei USG5500 with software V300R001C00 and V300R001C00 allows attackers to bypass the anti-DDoS module of the USGs to cause a denial of service condition on the backend server.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | USG5500 V300R001C00 and V300R001C00 |
Version: USG5500 V300R001C00 and V300R001C00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:35:01.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-01-usg-en"
},
{
"name": "93891",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93891"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "USG5500 V300R001C00 and V300R001C00",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "USG5500 V300R001C00 and V300R001C00"
}
]
}
],
"datePublic": "2017-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei USG5500 with software V300R001C00 and V300R001C00 allows attackers to bypass the anti-DDoS module of the USGs to cause a denial of service condition on the backend server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "defense mechanism bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-03T09:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-01-usg-en"
},
{
"name": "93891",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93891"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2016-8798",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "USG5500 V300R001C00 and V300R001C00",
"version": {
"version_data": [
{
"version_value": "USG5500 V300R001C00 and V300R001C00"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei USG5500 with software V300R001C00 and V300R001C00 allows attackers to bypass the anti-DDoS module of the USGs to cause a denial of service condition on the backend server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "defense mechanism bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-01-usg-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-01-usg-en"
},
{
"name": "93891",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93891"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2016-8798",
"datePublished": "2017-04-02T20:00:00",
"dateReserved": "2016-10-18T00:00:00",
"dateUpdated": "2024-08-06T02:35:01.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9136 (GCVE-0-2014-9136)
Vulnerability from cvelistv5
Published
2017-04-02 20:00
Modified
2024-08-06 13:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CSRF
Summary
Huawei FusionManager with software V100R002C03 and V100R003C00 could allow an unauthenticated, remote attacker to conduct a CSRF attack against the user of the web interface.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | FusionManager FusionManager All V100R002C03 versions, All V100R003C00 versions, |
Version: FusionManager FusionManager All V100R002C03 versions, All V100R003C00 versions, |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:33:13.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-372186"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FusionManager FusionManager All V100R002C03 versions, All V100R003C00 versions,",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "FusionManager FusionManager All V100R002C03 versions, All V100R003C00 versions,"
}
]
}
],
"datePublic": "2017-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei FusionManager with software V100R002C03 and V100R003C00 could allow an unauthenticated, remote attacker to conduct a CSRF attack against the user of the web interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CSRF",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-02T19:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-372186"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2014-9136",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FusionManager FusionManager All V100R002C03 versions, All V100R003C00 versions,",
"version": {
"version_data": [
{
"version_value": "FusionManager FusionManager All V100R002C03 versions, All V100R003C00 versions,"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei FusionManager with software V100R002C03 and V100R003C00 could allow an unauthenticated, remote attacker to conduct a CSRF attack against the user of the web interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CSRF"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/hw-372186",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-372186"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2014-9136",
"datePublished": "2017-04-02T20:00:00",
"dateReserved": "2014-11-28T00:00:00",
"dateUpdated": "2024-08-06T13:33:13.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9137 (GCVE-0-2014-9137)
Vulnerability from cvelistv5
Published
2017-04-02 20:00
Modified
2024-08-06 13:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CSRF
Summary
Huawei USG9500 with software V200R001C01SPC800 and earlier versions, V300R001C00; USG2100 with software V300R001C00SPC900 and earlier versions; USG2200 with software V300R001C00SPC900; USG5100 with software V300R001C00SPC900 could allow an unauthenticated, remote attacker to conduct a CSRF attack against the user of the web interface.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | USG9500,USG2100,USG2200,USG5100,USG5500, USG9500 V200R001C01SPC800 and earlier versions, All V300R001C00 versions,USG2100 V300R001C00SPC900 and earlier versions,USG2200 V300R001C00SPC900,USG5100 V300R001C00SPC900, |
Version: USG9500,USG2100,USG2200,USG5100,USG5500, USG9500 V200R001C01SPC800 and earlier versions, All V300R001C00 versions,USG2100 V300R001C00SPC900 and earlier versions,USG2200 V300R001C00SPC900,USG5100 V300R001C00SPC900, |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:33:13.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-372186"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "USG9500,USG2100,USG2200,USG5100,USG5500, USG9500 V200R001C01SPC800 and earlier versions, All V300R001C00 versions,USG2100 V300R001C00SPC900 and earlier versions,USG2200 V300R001C00SPC900,USG5100 V300R001C00SPC900,",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "USG9500,USG2100,USG2200,USG5100,USG5500, USG9500 V200R001C01SPC800 and earlier versions, All V300R001C00 versions,USG2100 V300R001C00SPC900 and earlier versions,USG2200 V300R001C00SPC900,USG5100 V300R001C00SPC900,"
}
]
}
],
"datePublic": "2017-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei USG9500 with software V200R001C01SPC800 and earlier versions, V300R001C00; USG2100 with software V300R001C00SPC900 and earlier versions; USG2200 with software V300R001C00SPC900; USG5100 with software V300R001C00SPC900 could allow an unauthenticated, remote attacker to conduct a CSRF attack against the user of the web interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CSRF",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-02T19:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-372186"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2014-9137",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "USG9500,USG2100,USG2200,USG5100,USG5500, USG9500 V200R001C01SPC800 and earlier versions, All V300R001C00 versions,USG2100 V300R001C00SPC900 and earlier versions,USG2200 V300R001C00SPC900,USG5100 V300R001C00SPC900,",
"version": {
"version_data": [
{
"version_value": "USG9500,USG2100,USG2200,USG5100,USG5500, USG9500 V200R001C01SPC800 and earlier versions, All V300R001C00 versions,USG2100 V300R001C00SPC900 and earlier versions,USG2200 V300R001C00SPC900,USG5100 V300R001C00SPC900,"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei USG9500 with software V200R001C01SPC800 and earlier versions, V300R001C00; USG2100 with software V300R001C00SPC900 and earlier versions; USG2200 with software V300R001C00SPC900; USG5100 with software V300R001C00SPC900 could allow an unauthenticated, remote attacker to conduct a CSRF attack against the user of the web interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CSRF"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/hw-372186",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-372186"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2014-9137",
"datePublished": "2017-04-02T20:00:00",
"dateReserved": "2014-11-28T00:00:00",
"dateUpdated": "2024-08-06T13:33:13.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6669 (GCVE-0-2016-6669)
Vulnerability from cvelistv5
Published
2016-09-22 15:00
Modified
2024-08-06 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the Authentication, Authorization and Accounting (AAA) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600 allows remote authenticated RADIUS servers to execute arbitrary code by sending a crafted EAP packet.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:36:29.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "92441",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92441"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160810-01-usg-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Authentication, Authorization and Accounting (AAA) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600 allows remote authenticated RADIUS servers to execute arbitrary code by sending a crafted EAP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "92441",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92441"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160810-01-usg-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6669",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Authentication, Authorization and Accounting (AAA) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600 allows remote authenticated RADIUS servers to execute arbitrary code by sending a crafted EAP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "92441",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92441"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160810-01-usg-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160810-01-usg-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6669",
"datePublished": "2016-09-22T15:00:00",
"dateReserved": "2016-08-10T00:00:00",
"dateUpdated": "2024-08-06T01:36:29.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2017-04-02 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
Huawei USG9500 with software V200R001C01SPC800 and earlier versions, V300R001C00; USG2100 with software V300R001C00SPC900 and earlier versions; USG2200 with software V300R001C00SPC900; USG5100 with software V300R001C00SPC900 could allow an unauthenticated, remote attacker to conduct a CSRF attack against the user of the web interface.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | fusionmanager | v100r002c03 | |
| huawei | fusionmanager | v100r003c00 | |
| huawei | usg9500_firmware | * | |
| huawei | usg9500_firmware | v300r001c00 | |
| huawei | usg9500 | - | |
| huawei | usg2100_firmware | * | |
| huawei | usg2100 | - | |
| huawei | usg2200_firmware | * | |
| huawei | usg2200 | - | |
| huawei | usg5100_firmware | * | |
| huawei | usg5100 | - | |
| huawei | usg5500_firmware | * | |
| huawei | usg5500 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:huawei:fusionmanager:v100r002c03:*:*:*:*:*:*:*",
"matchCriteriaId": "433EA4EE-77D4-40B7-8DD2-BC8500A498E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:fusionmanager:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "53A333D1-1346-4CF3-A17A-25A8A5A92713",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB84AA3-8F2D-40F4-998F-D8941C38EB15",
"versionEndIncluding": "v200r001c01spc800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v300r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "52132C6A-9B3C-47A1-8889-7B55C3C2A639",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg2100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C486D62-23FD-4D64-AF97-2A70B1D6B715",
"versionEndIncluding": "v300r001c00spc900",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg2100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56136202-9759-4A86-A52B-AE841319C4DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD11D623-1A81-4535-9BA1-1C5A118FE70C",
"versionEndIncluding": "v300r001c00spc900",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A78C3EBF-B7B0-4239-95CF-588D78FF6BA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg5100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B881A96B-5B20-44D3-A039-7EFFEFEFFAF8",
"versionEndIncluding": "v300r001c00spc900",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5140E0A4-AA43-4410-BE72-7A751B8025D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg5500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1799A24D-062B-4E70-BB59-41B8BC7D0A12",
"versionEndIncluding": "v300r001c00spc900",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC12456-351D-4DA4-8576-7FE9157E61DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei USG9500 with software V200R001C01SPC800 and earlier versions, V300R001C00; USG2100 with software V300R001C00SPC900 and earlier versions; USG2200 with software V300R001C00SPC900; USG5100 with software V300R001C00SPC900 could allow an unauthenticated, remote attacker to conduct a CSRF attack against the user of the web interface."
},
{
"lang": "es",
"value": "Huawei USG9500 con software V200R001C01SPC800 y versiones anteriores, V300R001C00; USG2100 con software V300R001C00SPC900 y versiones anteriores; USG2200 con software V300R001C00SPC900; USG5100 con software V300R001C00SPC900 podr\u00edan permitir a un atacante remoto no autenticado, llevar a cabo un ataque de CSRF contra el usuario de la interfaz web."
}
],
"id": "CVE-2014-9137",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-02T20:59:00.470",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-372186"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-372186"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-03 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Buffer overflow in the Point-to-Point Protocol over Ethernet (PPPoE) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600, when CHAP authentication is configured on the server, allows remote attackers to cause a denial of service (server restart) or execute arbitrary code via crafted packets sent during authentication.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@huawei.com | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160914-01-usg-en | Vendor Advisory | |
| psirt@huawei.com | http://www.securityfocus.com/bid/92962 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160914-01-usg-en | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92962 | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:huawei:usg2100:v300r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE35454-78BD-4DCC-AD48-06A1DEA317FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:usg2100:v300r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA497E1-93B0-44C9-A9D3-00CF9462FA32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:usg2200:v300r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCD0D03-10CD-4CE1-8095-CDEE34C9E484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:usg2200:v300r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "55FD4680-95F2-4310-AC8B-8DDB2B9ACE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:usg5100:v300r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "C7F00E54-B3A2-4FDD-828A-F212F313A9AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:usg5100:v300r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "10D7FDE1-2567-4F5D-B3BD-B11CF1CAB7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:usg5500:v300r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "71C29665-D669-4538-95BB-1080BB93F8C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:usg5500:v300r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "CC164C2F-2578-495F-B65C-BDC35695D698",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Point-to-Point Protocol over Ethernet (PPPoE) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600, when CHAP authentication is configured on the server, allows remote attackers to cause a denial of service (server restart) or execute arbitrary code via crafted packets sent during authentication."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el m\u00f3dulo Point-to-Point Protocol over Ethernet (PPPoE) en gateways de seguridad unificadasHuawei USG2100, USG2200, USG5100 y USG5500 con software en versiones anteriores a V300R001C10SPC600, cuando la autenticaci\u00f3n CHAP est\u00e1 configurada en el servidor, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio del servidor) o ejecutar c\u00f3digo arbitrario a trav\u00e9s de paquetes manipulados enviados durante la autenticaci\u00f3n."
}
],
"id": "CVE-2016-8276",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-03T21:59:09.457",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160914-01-usg-en"
},
{
"source": "psirt@huawei.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160914-01-usg-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92962"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-09-22 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Buffer overflow in the Authentication, Authorization and Accounting (AAA) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600 allows remote authenticated RADIUS servers to execute arbitrary code by sending a crafted EAP packet.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | usg2100_firmware | * | |
| huawei | usg2100_firmware | * | |
| huawei | usg2200_firmware | * | |
| huawei | usg2200_firmware | * | |
| huawei | usg5100_firmware | * | |
| huawei | usg5100_firmware | * | |
| huawei | usg5500_firmware | * | |
| huawei | usg5500_firmware | * | |
| huawei | usg2100 | - | |
| huawei | usg2200 | - | |
| huawei | usg5100 | - | |
| huawei | usg5500 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg2100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F720A197-A45A-4BC4-87ED-26D1E3FD1F40",
"versionEndIncluding": "v300r001c00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg2100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AECAEA1-22C8-4E17-91A2-81C3450BC00C",
"versionEndIncluding": "v300r001c10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "325542AB-7154-4A5B-A85C-62AB251C4AC6",
"versionEndIncluding": "v300r001c00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1480DC9-5518-43D9-A760-3779FF54C191",
"versionEndIncluding": "v300r001c10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg5100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8132BF37-35B4-4385-A864-006EB5D2021F",
"versionEndIncluding": "v300r001c00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg5100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "254AAB81-1C18-4C3D-A45C-2F0B035767D8",
"versionEndIncluding": "v300r001c10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg5500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95F806D1-25F5-4D38-A9EA-C5E195C645A5",
"versionEndIncluding": "v300r001c00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg5500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "605BC300-CCC1-4846-9848-3FA87256DD64",
"versionEndIncluding": "v300r001c10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg2100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56136202-9759-4A86-A52B-AE841319C4DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:usg2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A78C3EBF-B7B0-4239-95CF-588D78FF6BA1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:usg5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5140E0A4-AA43-4410-BE72-7A751B8025D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:usg5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC12456-351D-4DA4-8576-7FE9157E61DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Authentication, Authorization and Accounting (AAA) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600 allows remote authenticated RADIUS servers to execute arbitrary code by sending a crafted EAP packet."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el m\u00f3dulo Authentication, Authorization y Accounting (AAA) en las puertas de entrada de seguridad unificadas USG2100, USG2200, USG5100 y USG5500 en Huawei con software en versiones anteriores a V300R001C10SPC600 permite a servidores RADIUS remotos autenticados ejecutar c\u00f3digo arbitrario enviando un paquete EAP manipulado."
}
],
"id": "CVE-2016-6669",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-09-22T15:59:05.977",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"VDB Entry"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160810-01-usg-en"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/92441"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160810-01-usg-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92441"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-02 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
Huawei USG5500 with software V300R001C00 and V300R001C00 allows attackers to bypass the anti-DDoS module of the USGs to cause a denial of service condition on the backend server.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@huawei.com | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-01-usg-en | Vendor Advisory | |
| psirt@huawei.com | http://www.securityfocus.com/bid/93891 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-01-usg-en | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93891 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | usg5500_firmware | v300r001c00 | |
| huawei | usg5500_firmware | v300r001c10 | |
| huawei | usg5500 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg5500_firmware:v300r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5243A260-97C2-4DCA-BB0D-7F8013531C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg5500_firmware:v300r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "69BA0DF9-74A3-4BEE-95A4-EBAEDC0EA5E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC12456-351D-4DA4-8576-7FE9157E61DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei USG5500 with software V300R001C00 and V300R001C00 allows attackers to bypass the anti-DDoS module of the USGs to cause a denial of service condition on the backend server."
},
{
"lang": "es",
"value": "Huawei USG5500 con software V300R001C00 y V300R001C00 permiten a atacantes eludir el m\u00f3dulo anti-DDoS del USGs para provocar una condici\u00f3n de denegaci\u00f3n de servicio en el servidor backend."
}
],
"id": "CVE-2016-8798",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-02T20:59:01.890",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-01-usg-en"
},
{
"source": "psirt@huawei.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-01-usg-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93891"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-12-07 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R001C10SPC600, when "DHCP Snooping" is enabled and either "option82 insert" or "option82 rebuild" is enabled on an interface, allow remote attackers to cause a denial of service (reboot) via crafted DHCP packets.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:unified_security_gateway_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EF6E6BB-A840-42F2-A821-6BF13AA8AF5B",
"versionEndIncluding": "v300r001c10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg2100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8CA0C9-2506-41FE-BAB5-F2E96C60CA7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:usg2200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15CAAE27-6D0D-4D76-92BF-A74ECE5A372D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:usg5100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9751860-5969-4D12-B73D-7B0F2A935E1F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:usg5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D99C471-A099-4B82-BAE2-85C6B40FEDA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R001C10SPC600, when \"DHCP Snooping\" is enabled and either \"option82 insert\" or \"option82 rebuild\" is enabled on an interface, allow remote attackers to cause a denial of service (reboot) via crafted DHCP packets."
},
{
"lang": "es",
"value": "Puertas de enlace de seguridad unificadas Huawei USG5500, USG2100, USG2200 y USG5100 con software en versiones anteriores a V300R001C10SPC600, cuando est\u00e1 habilitado \u0027DHCP Snooping\u0027 y ya sea que \u0027option82 insert\u0027 u \u0027option82 rebuild\u0027 est\u00e9n habilitado en una interfaz, permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio) a trav\u00e9s de paquetes DHCP manipulados."
}
],
"id": "CVE-2015-8084",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-12-07T20:59:10.343",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/77300"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457916.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/77300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457916.htm"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-02 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
Huawei FusionManager with software V100R002C03 and V100R003C00 could allow an unauthenticated, remote attacker to conduct a CSRF attack against the user of the web interface.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | fusionmanager | * | |
| huawei | fusionmanager | * | |
| huawei | usg9500_firmware | * | |
| huawei | usg9500_firmware | * | |
| huawei | usg9500 | - | |
| huawei | usg2100_firmware | * | |
| huawei | usg2100 | - | |
| huawei | usg2200_firmware | * | |
| huawei | usg2200 | - | |
| huawei | usg5100_firmware | * | |
| huawei | usg5100 | - | |
| huawei | usg5500_firmware | * | |
| huawei | usg5500 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:huawei:fusionmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F27EF98-F5DA-426D-9CDF-8E425A0B212A",
"versionEndIncluding": "v100r002c03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:huawei:fusionmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1468F171-852F-4CC1-BA64-340B35501A9B",
"versionEndIncluding": "v100r003c00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB84AA3-8F2D-40F4-998F-D8941C38EB15",
"versionEndIncluding": "v200r001c01spc800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F49A05F-6945-4C7D-BA45-3635840485BF",
"versionEndIncluding": "v300r001c00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg2100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C486D62-23FD-4D64-AF97-2A70B1D6B715",
"versionEndIncluding": "v300r001c00spc900",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg2100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56136202-9759-4A86-A52B-AE841319C4DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD11D623-1A81-4535-9BA1-1C5A118FE70C",
"versionEndIncluding": "v300r001c00spc900",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A78C3EBF-B7B0-4239-95CF-588D78FF6BA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg5100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B881A96B-5B20-44D3-A039-7EFFEFEFFAF8",
"versionEndIncluding": "v300r001c00spc900",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5140E0A4-AA43-4410-BE72-7A751B8025D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg5500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1799A24D-062B-4E70-BB59-41B8BC7D0A12",
"versionEndIncluding": "v300r001c00spc900",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC12456-351D-4DA4-8576-7FE9157E61DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei FusionManager with software V100R002C03 and V100R003C00 could allow an unauthenticated, remote attacker to conduct a CSRF attack against the user of the web interface."
},
{
"lang": "es",
"value": "Huawei FusionManager con software V100R002C03 y V100R003C00 podr\u00edan permitir a un atacante remoto no autenticado, llevar a cabo un ataque de CSRF contra el usuario de la interfaz web."
}
],
"id": "CVE-2014-9136",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-02T20:59:00.453",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-372186"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-372186"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}