Description: Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet. Impact: Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts may cause a denial-of-service condition. Mitigation: Updates are available. Please check specific vendor advisory for more information....
Read More
Description: Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot. Impact: An attacker can exploit this issue to...
Read More
Description: Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer...
Read More
Description: Huawei USG9520 V300R001C01, USG9560 V300R001C01, and USG9580 V300R001C01 allow unauthenticated attackers to send abnormal DHCP request packets to the affected products to trigger a DoS condition. Impact: An attackers may exploit these issues to gain elevated privileges. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: http://www.cvedetails.com/cve/CVE-2016-8796/ http://www.securityfocus.com/bid/94405/info http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-firewall-en
Description: Huawei OceanStor 5600 V3 with V300R003C00C10 and earlier versions allows attackers with administrator privilege to inject a command into a specific command’s parameters, and run this injected command with root privilege. Impact: An attacker can exploit this issue to gain elevated privileges and perform unauthorized actions. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: http://www.cvedetails.com/cve/CVE-2016-8801/ http://www.securityfocus.com/bid/94832/info http://www.huawei.com/en/psirt/security-advisories/2016/huawei-sa-20161207-01-storage-en
