Note:
This project will be discontinued after December 13, 2021. [more]
Product:
E6878\-370_firmware
(Huawei)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 5 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-05-21 | CVE-2020-9069 | There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than 9.1.0.331(C675E9R1P3T8); Berkeley-L09 Versions earlier than 10.0.1.1(C675R1); CD16-10 Versions earlier than 10.0.2.8; CD17-10 Versions earlier than 10.0.2.8; CD17-16 Versions earlier than 10.0.2.8; CD18-10 Versions... | Anne\-Al00_firmware, Berkeley\-L09_firmware, Cd16\-10_firmware, Cd17\-10_firmware, Cd17\-16_firmware, Cd18\-10_firmware, Cd18\-16_firmware, Columbia\-Tl00b_firmware, E6878\-370_firmware, Honor_10_lite_firmware, Lelandp\-L22a_firmware, Tc5200\-16_firmware, Ws5200\-11_firmware, Ws5200\-16_firmware, Ws5200\-17_firmware, Ws5800\-10_firmware, Ws6500\-10_firmware, Ws6500\-16_firmware | 6.5 | ||
| 2020-08-17 | CVE-2020-9241 | Huawei 5G Mobile WiFi E6878-370 with versions of 10.0.3.1(H563SP1C00),10.0.3.1(H563SP21C233) have an improper authorization vulnerability. The device does not restrict certain data received from WAN port. Successful exploit could allow an attacker at WAN side to manage certain service of the device. | E6878\-370_firmware | 7.0 | ||
| 2020-10-19 | CVE-2020-9111 | E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process. | E6878\-370_firmware, E6878\-870_firmware | 4.5 | ||
| 2020-05-29 | CVE-2020-1832 | E6878-370 products with versions of 10.0.3.1(H557SP27C233) and 10.0.3.1(H563SP1C00) have a stack buffer overflow vulnerability. The program copies an input buffer to an output buffer without verification. An attacker in the adjacent network could send a crafted message, successful exploit could lead to stack buffer overflow which may cause malicious code execution. | E6878\-370_firmware | N/A | ||
| 2020-05-21 | CVE-2020-1799 | E6878-370 with versions of 10.0.3.1(H557SP27C233), 10.0.3.1(H563SP1C00), 10.0.3.1(H563SP1C233) has a use after free vulnerability. The software references memory after it has been freed in certain scenario, the attacker does a series of crafted operations through web portal, successful exploit could cause a use after free condition which may lead to malicious code execution. | E6878\-370_firmware | N/A |