The Huawei D100 has (1) a certain default administrator password for the web interface, and does not force a password change; and has (2) a default password of admin for the admin account in the telnet interface; which makes it easier for remote attackers to obtain access.
Max CVSS
10.0
EPSS Score
0.54%
Published
2009-07-01
Updated
2018-10-10
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response.
Max CVSS
10.0
EPSS Score
0.31%
Published
2013-06-20
Updated
2013-06-21
Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers to execute arbitrary shell commands with root privileges due to an error in the Web UI.
Max CVSS
10.0
EPSS Score
0.19%
Published
2020-01-27
Updated
2020-01-30
Unrestricted file upload vulnerability in Huawei Honor Cube Wireless Router WS860s before V100R001C02B222 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors.
Max CVSS
10.0
EPSS Score
0.86%
Published
2014-12-03
Updated
2014-12-05
The login page of the server on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 with software before V100R002C00SPC502, RH8100 V3 with software before V100R003C00SPC110, CH222 V3 with software before V100R001C00SPC161, CH220 V3 with software before V100R001C00SPC161, and CH121 V3 with software before V100R001C00SPC161 allows remote attackers to bypass access restrictions and enter commands via unspecified parameters, as demonstrated by a "user creation command."
Max CVSS
10.0
EPSS Score
0.38%
Published
2017-10-03
Updated
2017-10-23
Stack-based buffer overflow in Huawei Honor WS851 routers with software 1.1.21.1 and earlier allows remote attackers to execute arbitrary commands with root privileges via unspecified vectors, aka HWPSIRT-2016-05051.
Max CVSS
10.0
EPSS Score
0.43%
Published
2016-06-14
Updated
2016-06-14
Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet.
Max CVSS
10.0
EPSS Score
1.80%
Published
2017-03-24
Updated
2017-03-27
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7110.
Max CVSS
10.0
EPSS Score
0.33%
Published
2016-09-07
Updated
2016-09-08
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7109.
Max CVSS
10.0
EPSS Score
0.33%
Published
2016-09-07
Updated
2016-09-08
WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by performing an administrator password change on the device via a crafted POST request.
Max CVSS
10.0
EPSS Score
0.75%
Published
2017-06-20
Updated
2019-10-09
There is an Integer Overflow Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user.
Max CVSS
10.0
EPSS Score
0.22%
Published
2021-06-30
Updated
2022-06-28
There is an Improper Validation of Array Index vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute, thus obtaining system permissions.
Max CVSS
10.0
EPSS Score
0.22%
Published
2021-06-03
Updated
2021-12-09
There is a vulnerability of hijacking unverified providers in Huawei Smartphone.Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands.
Max CVSS
10.0
EPSS Score
0.20%
Published
2021-10-28
Updated
2021-11-02
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
Max CVSS
10.0
EPSS Score
0.22%
Published
2022-02-25
Updated
2022-03-07
There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.
Max CVSS
10.0
EPSS Score
0.22%
Published
2022-02-25
Updated
2022-03-07
There is a Heap-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause root permission which can be escalated.
Max CVSS
10.0
EPSS Score
0.23%
Published
2021-11-23
Updated
2021-11-29
There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed.
Max CVSS
10.0
EPSS Score
0.22%
Published
2021-12-08
Updated
2022-07-12
There is a Double free vulnerability in Smartphone.Successful exploitation of this vulnerability may cause a kernel crash or privilege escalation.
Max CVSS
10.0
EPSS Score
0.20%
Published
2022-01-03
Updated
2022-01-13
HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may affect HHEE system integrity.
Max CVSS
10.0
EPSS Score
0.31%
Published
2022-01-03
Updated
2022-01-13
There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow.
Max CVSS
10.0
EPSS Score
0.22%
Published
2022-03-10
Updated
2022-03-14
There is a buffer overflow vulnerability in CV81-WDM FW 01.70.49.29.46. Successful exploitation of this vulnerability may lead to privilege escalation.
Max CVSS
10.0
EPSS Score
0.23%
Published
2022-06-13
Updated
2022-06-18
Vulnerability of HwWatchHealth being hijacked.Successful exploitation of this vulnerability may cause repeated pop-up windows of the app.
Max CVSS
10.0
EPSS Score
0.05%
Published
2023-06-16
Updated
2023-06-26
Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285 V2 V100R002C00SPC115 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285H V2 V100R002C00SPC111 and earlier versions, Tecal RH2268 V2 V100R002C00, Tecal RH2288 V2 V100R002C00SPC117 and earlier versions, Tecal RH2288H V2 V100R002C00SPC115 and earlier versions, Tecal RH2485 V2 V100R002C00SPC502 and earlier versions, Tecal RH5885 V2 V100R001C02SPC109 and earlier versions, Tecal RH5885 V3 V100R003C01SPC102 and earlier versions, Tecal RH5885H V3 V100R003C00SPC102 and earlier versions, Tecal XH310 V2 V100R001C00SPC110 and earlier versions, Tecal XH311 V2 V100R001C00SPC110 and earlier versions, Tecal XH320 V2 V100R001C00SPC110 and earlier versions, Tecal XH621 V2 V100R001C00SPC106 and earlier versions, Tecal DH310 V2 V100R001C00SPC110 and earlier versions, Tecal DH320 V2 V100R001C00SPC106 and earlier versions, Tecal DH620 V2 V100R001C00SPC106 and earlier versions, Tecal DH621 V2 V100R001C00SPC107 and earlier versions, Tecal DH628 V2 V100R001C00SPC107 and earlier versions, Tecal BH620 V2 V100R002C00SPC107 and earlier versions, Tecal BH621 V2 V100R002C00SPC106 and earlier versions, Tecal BH622 V2 V100R002C00SPC110 and earlier versions, Tecal BH640 V2 V100R002C00SPC108 and earlier versions, Tecal CH121 V100R001C00SPC180 and earlier versions, Tecal CH140 V100R001C00SPC110 and earlier versions, Tecal CH220 V100R001C00SPC180 and earlier versions, Tecal CH221 V100R001C00SPC180 and earlier versions, Tecal CH222 V100R002C00SPC180 and earlier versions, Tecal CH240 V100R001C00SPC180 and earlier versions, Tecal CH242 V100R001C00SPC180 and earlier versions, Tecal CH242 V3 V100R001C00SPC110 and earlier versions could allow attackers to execute arbitrary code or restart the system via crafted DNS packets.
Max CVSS
9.8
EPSS Score
0.40%
Published
2017-04-02
Updated
2017-04-05
Huawei E5756S before V200R002B146D23SP00C00 allows remote attackers to read device configuration information, enable PIN/PUK authentication, and perform other unspecified actions.
Max CVSS
9.8
EPSS Score
0.41%
Published
2017-09-07
Updated
2017-09-14
The Windows-based Host Interface Program (WHIP) service on Huawei SmartAX MT882 devices V200R002B022 Arg relies on the client to send a length field that is consistent with a buffer size, which allows remote attackers to cause a denial of service (device outage) or possibly have unspecified other impact via crafted traffic on TCP port 8701.
Max CVSS
9.8
EPSS Score
0.85%
Published
2016-02-15
Updated
2016-03-10
1874 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!