Note:
This project will be discontinued after December 13, 2021. [more]
Product:
S6700_firmware
(Huawei)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 36 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-01-13 | CVE-2020-1866 | There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace... | Nip6800_firmware, S12700_firmware, S2700_firmware, S5700_firmware, S6700_firmware, S7700_firmware, S9700_firmware, Secospace_usg6600_firmware, Usg9500_firmware | 6.5 | ||
| 2020-01-09 | CVE-2020-1810 | There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information. | Cloudengine_12800_firmware, S5700_firmware, S6700_firmware | N/A | ||
| 2020-01-03 | CVE-2019-5304 | Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset. | Ar1200\-S_firmware, Ar1200_firmware, Ar120\-S_firmware, Ar150\-S_firmware, Ar150_firmware, Ar160_firmware, Ar200\-S_firmware, Ar200_firmware, Ar2200\-S_firmware, Ar2200_firmware, Ar3200_firmware, Ar3600_firmware, Ips_module_firmware, Netengine16ex_firmware, Ngfw_module_firmware, Nip6300_firmware, Nip6600_firmware, S5700_firmware, S6700_firmware, Secospace_antiddos8000_firmware, Secospace_usg6300_firmware, Secospace_usg6500_firmware, Secospace_usg6600_firmware, Srg1300_firmware, Srg2300_firmware, Srg3300_firmware | N/A | ||
| 2019-12-13 | CVE-2019-5291 | Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal. | Ar1200\-S_firmware, Ar1200_firmware, Ar120\-S_firmware, Ar150\-S_firmware, Ar150_firmware, Ar160_firmware, Ar200\-S_firmware, Ar200_firmware, Ar2200\-S_firmware, Ar2200_firmware, Ar3200_firmware, Ar3600_firmware, Cloudengine_12800_firmware, Netengine16ex_firmware, S6700_firmware, Srg1300_firmware, Srg2300_firmware, Srg3300_firmware | N/A | ||
| 2018-02-15 | CVE-2017-17300 | Huawei S12700 V200R008C00, V200R009C00, S5700 V200R007C00, V200R008C00, V200R009C00, S6700 V200R008C00, V200R009C00, S7700 V200R008C00, V200R009C00, S9700 V200R008C00, V200R009C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specific TCP messages with keychain authentication option to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause the affected... | S12700_firmware, S5700_firmware, S6700_firmware, S7700_firmware, S9700_firmware | 7.5 | ||
| 2018-03-05 | CVE-2017-17141 | Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V200R007C00SPC009T; V200R007C00SPC019T; V200R008C00; V200R009C00;S3700 V100R006C03;S5700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R003C02; V200R005C00; V200R005C01; V200R005C02; V200R005C03; V200R006C00; V200R007C00; V200R008C00;... | S12700_firmware, S1700_firmware, S2700_firmware, S3700_firmware, S5700_firmware, S6700_firmware, S7700_firmware, S9700_firmware | 3.7 | ||
| 2019-06-04 | CVE-2019-5285 | Some Huawei S series switches have a DoS vulnerability. An unauthenticated remote attacker can send crafted packets to the affected device to exploit this vulnerability. Due to insufficient verification of the packets, successful exploitation may cause the device reboot and denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2019-03109) | S12700_firmware, S1700_firmware, S2300_firmware, S2700_firmware, S5300_firmware, S5700_firmware, S600\-E_firmware, S6300_firmware, S6700_firmware, S7700_firmware, S7900_firmware, S9300_firmware, S9300x_firmware, S9700_firmware | 7.5 | ||
| 2017-11-22 | CVE-2017-8147 | AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine... | Ac6005_firmware, Ac6605_firmware, Ar1200_firmware, Ar200_firmware, Ar3200_firmware, Cloudengine_12800_firmware, Cloudengine_5800_firmware, Cloudengine_6800_firmware, Cloudengine_7800_firmware, Cloudengine_8800_firmware, E600_firmware, S12700_firmware, S1700_firmware, S2300_firmware, S2700_firmware, S5300_firmware, S5700_firmware, S6300_firmware, S6700_firmware, S7700_firmware, S9300_firmware, S9700_firmware, Secospace_usg6600_firmware | 7.5 | ||
| 2018-03-09 | CVE-2017-17250 | Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; AR150 V200R005C32; AR150-S V200R005C32; AR160 V200R005C32; AR200 V200R005C32; AR200-S V200R005C32; AR2200-S V200R005C32; AR3200 V200R005C32; V200R007C00; AR510 V200R005C32; NetEngine16EX V200R005C32; SRG1300 V200R005C32; SRG2300 V200R005C32; SRG3300 V200R005C32 have an out-of-bounds write vulnerability. When a user executes a query command after the device received an abnormal OSPF message, the software writes data past... | Ar1200\-S_firmware, Ar1200_firmware, Ar120\-S_firmware, Ar150\-S_firmware, Ar150_firmware, Ar160_firmware, Ar200\-S_firmware, Ar200_firmware, Ar2200\-S_firmware, Ar3200_firmware, Ar510_firmware, Netengine16ex_firmware, S12700_firmware, S2700_firmware, S5700_firmware, S6700_firmware, S7700_firmware, S9700_firmware, Srg1300_firmware, Srg2300_firmware, Srg3300_firmware | 6.5 | ||
| 2018-02-15 | CVE-2017-17165 | IPv6 function in Huawei Quidway S2700 V200R003C00SPC300, Quidway S5300 V200R003C00SPC300, Quidway S5700 V200R003C00SPC300, S2300 V200R003C00, V200R003C00SPC300T, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S2700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S5300 V200R003C00, V200R003C00SPC300T, V200R003C00SPC600, V200R003C02, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R005C05, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S5700... | Quidway_s2700_firmware, Quidway_s5300_firmware, Quidway_s5700_firmware, S2300_firmware, S2700_firmware, S5300_firmware, S5700_firmware, S600\-E_firmware, S6300_firmware, S6700_firmware | 7.5 |